none
Enterprise Mgr pw xmit

    Question

  • When using a database in standard mode, when you sign in remotely using enterprise manager, is the password sent to the database in plain text?

    jeudi 10 juillet 2008 20:27

Réponses

  •   In SQL Server 2005, by default SQL native client will encrypt the login packet in order to protect the password (for details, I recommend the following article from the SQL protocols blog: http://blogs.msdn.com/sql_protocols/archive/2005/11/10/491563.aspx ).

     

      If you are using SQL Server 2000 or your client does not accept the self-signed certificate or the client version is older, the password will be transmitted basically in clear text. In such scenarios is highly recommended to enable SSL in order to protect the authentication packets. You can find more information on this topic on the following KB "http://support.microsoft.com/default.aspx?scid=kb;en-us;318605"

     

      I hope this information helps.

     

      -Raul Garcia

      SDE/T

      SQL Server Engine

     

    vendredi 11 juillet 2008 00:27
    Modérateur