SQL Server Authentication Mode

Issue

In Mixed Mode, user name and password information is stored in Microsoft® SQL Server™. Mixed Mode is only intended for use in networks in which the servers, clients, and network infrastructure are physically protected, and all users are trusted. It is included in SQL Server 7.0 to provide backward compatibility with previous releases and to allow interoperability with products that do not support Windows NT® authentication.

In contrast, Windows NT Authentication Mode uses the typical Windows NT authentication mechanism, which was built for use in environments where security is important. All authentication information is housed on the domain controller rather than SQL Server, and it is protected because the information is encrypted.

Solution

Change SQL Server on your system that uses Mixed Mode to Windows Authentication Mode, if possible.

Instructions

To change SQL Server from Mixed Mode to Windows Authentication Mode

1. Click Start, point to Programs, point to Microsoft SQL Server, and then click Enterprise Manager.
2. Double-click Microsoft SQL Servers and SQL Server Group, right-click the server that you want to secure, and then click Properties.
3. In the SQL Server Properties dialog box, click the Security tab.
4. Under Authentication, click Windows only.

Note

• If the server is not currently running, it may take several moments to start.

Additional Information

SQL Server 7.0 Security

Microsoft SQL Server 2000 Security

Microsoft Security Bulletin (MS00-035): Frequently Asked Questions

©2002-2004 Microsoft Corporation. All rights reserved.