Advice on Maintaining Logins and Password

  • I'm having a discussion with our developers, networking team and IT manager about maintaining login info and passwords for SQL Server (storing this info in a secure file somewhere).

    My argument is that we don't necessarily need to save this info if we try to stick to windows authentication, with names that identify its purpose, separate for each app, service etc. If it is a service, then the name can consist of something like domain\[Server][Service], separate for each service.

    If a developer forgets the password, then they can request a new one from the network admin. If they use a different domain account for each app, then they only have to change the connection string in one location. If I forget a password and I have to reconfigure replication or something like that, I would do the same.

    Does anyone have an opinion on this topic? Is there a need to store this information that I'm missing?

    Thanks,

    James

  • The only thing I can think of is if you have some legacy connections using SQL logins that will need to be stored.

    You can look at some software solutions such as cyber-ark to manage passwords

Viewing 2 posts - 1 through 1 (of 1 total)

You must be logged in to reply to this topic. Login to reply