Last post Mar 01, 2015 05:13 PM by PatriceSc
Mar 01, 2015 03:41 PM|damon2012|LINK
As part of this installation you get to a Server Configuration screen,
"Specify the authentication mode and administrators for the Database Engine".
You have two options - Windows auth mode and Mixed Mode .
Only if you click mixed mode do you get to enter a password for sa account.
What is best practice here? Shouldnt you always change the default sa password which would mean you have to select mixed mode?
Thanks a lot.
Mar 01, 2015 04:10 PM|PatriceSc|LINK
If using Windows auth, you just can't use SQL Server accounts such as sa (so there is no point in entering a password).
Mar 01, 2015 04:29 PM|damon2012|LINK
Why would you choose one over the other?
Mar 01, 2015 05:13 PM|PatriceSc|LINK
Windows auth allows to use only Windows accounts and according to
https://msdn.microsoft.com/en-us/library/bb669066(v=vs.110).aspx they are more secure. It's slightly more difficult to use though (for example you need to configure your application pool and need to get some support from those handling Windows accounts
at your company etc...).
So if I can I'm using a Windows account so that my app runs under its own account and uses that to access all resources (including SQL Server & network shares). If hosting on Azure (or other hosters) you have to use SQL accounts.