Friday, July 10, 2009
What is the difference between windows authentication and sql server authentication
In simple words
Windows authentication is highly secure than SQL Server authentication why because we need not provide any login details. So the chance of tracing login details from code by the unauthorized persons will be less. Windows authentication uses the default windows login credentials.
SQL Authentication :
SQL Authentication is the typical authentication used for
various database systems, composed of a username and a
password. Obviously, an instance of SQL Server can have
multiple such user accounts (using SQL authentication) with
different usernames and passwords. In shared servers where
different users should have access to different databases,
SQL authentication should be used. Also, when a client
(remote computer) connects to an instance of SQL Server on
other computer than the one on which the client is running,
SQL Server authentication is needed. Even if you don't
define any SQL Server user accounts, at the time of
installation a root account - sa - is added with the
password you provided. Just like any SQL Server account,
this can be used to log-in localy or remotely, however if
an application is the one that does the log in, and it
should have access to only one database, it's strongly
recommended that you don't use the sa account, but create a
new one with limited access. Overall, SQL authentication is
the main authentication method to be used while the one we
review below - Windows Authentication - is more of a
convenience.
Windows Authentication :
When you are accessing SQL Server from the same computer it
is installed on, you shouldn't be prompted to type in an
username and password. And you are not, if you're using
Windows Authentication. With Windows Authentication, the
SQL Server service already knows that someone is logged in
into the operating system with the correct credentials, and
it uses these credentials to allow the user into its
databases. Of course, this works as long as the client
resides on the same computer as the SQL Server, or as long
as the connecting client matches the Windows credentials of
the server. Windows Authentication is often used as a more
convenient way to log-in into a SQL Server instance without
typing a username and a password, however when more users
are envolved, or remote connections are being established
with the SQL Server, SQL authentication should be used.
There is a difference between 'Authentication' and 'Authentication mode' in SQL Server 2005.
Authentication (2 types) - Windows and SQL Server Authentication.
Authentication mode (2 types) - Windows Authentication mode and Mixed Mode.
When using 'Windows authentication mode' you can only use Windows authentication to connect to SQL Server. When using 'Mixed mode' you can use either 'Windows authentication' or 'SQL Server authentication' to connect to SQL Server 2005
When to use what?
'Windows Authentication Mode' is much more secure than Mixed Mode. Windows Authentication utilizes Kerberos security protocol. Remember that in a typical installation, Windows Authentication is the default security mode. So when a user having a Windows user account connects to SQL Server, the server validates the account credentials using information in the Windows operating system.
SQL Server Authentication is provided for backward compatibility only. Whenever possible, use Windows Authentication.
If all the users users accessing the database are Microsoft Windows users, use 'Windows authentication mode' . If your environment consists of Windows users and Non-Windows users use 'Mixed mode'.
Windows authentication is highly secure than SQL Server authentication why because we need not provide any login details. So the chance of tracing login details from code by the unauthorized persons will be less. Windows authentication uses the default windows login credentials.
SQL Authentication :
SQL Authentication is the typical authentication used for
various database systems, composed of a username and a
password. Obviously, an instance of SQL Server can have
multiple such user accounts (using SQL authentication) with
different usernames and passwords. In shared servers where
different users should have access to different databases,
SQL authentication should be used. Also, when a client
(remote computer) connects to an instance of SQL Server on
other computer than the one on which the client is running,
SQL Server authentication is needed. Even if you don't
define any SQL Server user accounts, at the time of
installation a root account - sa - is added with the
password you provided. Just like any SQL Server account,
this can be used to log-in localy or remotely, however if
an application is the one that does the log in, and it
should have access to only one database, it's strongly
recommended that you don't use the sa account, but create a
new one with limited access. Overall, SQL authentication is
the main authentication method to be used while the one we
review below - Windows Authentication - is more of a
convenience.
Windows Authentication :
When you are accessing SQL Server from the same computer it
is installed on, you shouldn't be prompted to type in an
username and password. And you are not, if you're using
Windows Authentication. With Windows Authentication, the
SQL Server service already knows that someone is logged in
into the operating system with the correct credentials, and
it uses these credentials to allow the user into its
databases. Of course, this works as long as the client
resides on the same computer as the SQL Server, or as long
as the connecting client matches the Windows credentials of
the server. Windows Authentication is often used as a more
convenient way to log-in into a SQL Server instance without
typing a username and a password, however when more users
are envolved, or remote connections are being established
with the SQL Server, SQL authentication should be used.
There is a difference between 'Authentication' and 'Authentication mode' in SQL Server 2005.
Authentication (2 types) - Windows and SQL Server Authentication.
Authentication mode (2 types) - Windows Authentication mode and Mixed Mode.
When using 'Windows authentication mode' you can only use Windows authentication to connect to SQL Server. When using 'Mixed mode' you can use either 'Windows authentication' or 'SQL Server authentication' to connect to SQL Server 2005
When to use what?
'Windows Authentication Mode' is much more secure than Mixed Mode. Windows Authentication utilizes Kerberos security protocol. Remember that in a typical installation, Windows Authentication is the default security mode. So when a user having a Windows user account connects to SQL Server, the server validates the account credentials using information in the Windows operating system.
SQL Server Authentication is provided for backward compatibility only. Whenever possible, use Windows Authentication.
If all the users users accessing the database are Microsoft Windows users, use 'Windows authentication mode' . If your environment consists of Windows users and Non-Windows users use 'Mixed mode'.
# posted by CHANDU @ 2:05 AM 
Subscribe to Comments [Atom]
