October 2007 - Posts

SQL Server undocumented password hashing builtins: pwdcompare and pwdencrypt
First, I must say that I don't know why these exist in an undocumented form. They have been around for a long time and a search on their names gets me back pages of hits. Being undocumented means that their actual implementation may change slightly from Read More...
Posted 31 October 07 11:08 by lcris | 0 Comments   
Filed under , ,
Basic SQL Server Security concepts: SIDs, orphaned users, and loginless users
I am grouping here two topics (orphaned users and loginless users) that are actually very different, but I have often seen confusion between them, so I am covering them together in an attempt to dispel that confusion. In a previous discussion of logins Read More...
Posted 25 October 07 05:42 by lcris | 0 Comments   
Filed under , , ,
SQL Server 2005: A note about the use of certificates
To avoid any confusion, this post is not about the use of certificates for securing the communication between a client machine and the server; instead, this refers to the use of certificates created via the CREATE CERTIFICATE DDL. I am prompted in writing Read More...
Posted 04 October 07 08:59 by lcris | 1 Comments   
Filed under , , ,
SQL Server 2008: Transparent data encryption feature - a quick overview
I have kept silent on this feature while it was being developed, but as it has now been publicly advertised in various ways (being mentioned here , here , here , and here , for example), I think it is probably time to write a bit about it. Given that Read More...
Posted 03 October 07 04:55 by lcris | 2 Comments   
Filed under , , ,
Page view tracker