SQL Server Password Management:

Improving SQL Server password management includes thorough password testing and securing SQL Server installations beyond the main database server.

You have just removed the builtin/Administrators group from...

Temporarily Changing an Unknown Password of the sa Account

You are asked for the sa password for a SQL Server in order to perform a software upgrade. You, the DBA, don't know the password and it's not documented. Rodney Landrum provides a way out of this dilemma, demonstrating two techniques for temporarily changing the password, and then returning it to its previous unknown value.

Encryption: Not the End-All Fix for Data Privacy

Many state data-breach laws exempt encrypted data from PR-nightmare public-notice requirements, but don't let that fool you into thinking it's an easy answer to the data privacy challenge. Here's the lowdown on loopholes, caveats and options to consider when applying encryption.

Scripting permissions using catalog views in SQL Server 2005

A nice How-To from one of the most respected SQL Server MVPs.

Stop SQL Injection Attacks Before They Stop You

This article discusses: How SQL injection attacks work, Testing for vulnerabilities, Validating user input, and more.

Understanding DDL Triggers in SQL Server 2005

SQL Server 2005 includes a number of new security enhancements to aid the DBA in managing their SQL Server. DDL triggers allow you to trap all kinds of DDL events that occur on your server. S. Srivathsani brings us a look at these new events.

The SQLCLR permission sets are actually enforced via...

What is the strongest level of encryption you...

Which fixed database roles can execute the BACKUP...