Creating a SQL Server user authentication schema
Learn how to create a SQL Server user authentication schema having password and tracked data changes requirements and how it involves Windows authentication.
How can I generate a SQL Server user authentication/authorization schema (tables/keys/indexes) to support the following requirements:
- A user is required to have a login name, first name, last name, and password.
- A user password will expire in 90 days.
- A user account will be locked after five failed attempts in five minutes.
- A locked account will automatically be unlocked 20 minutes after last failed login attempt.
- A user can change their password but it cannot be the same as any of the last 10 passwords used.
- All data changes have to be tracked and attributable to the person making the changes.
If you are using SQL Server authentication, you will have to put source code in your application to account for "1" and "2". Since SQL Server will be doing the authentication, you won't be able to perform "3" through "6". If you choose to use Windows authentication – more secure with some tradeoffs – you'll be able to set the password complexity and lockout options with a Group Policy Object or Local Security Policy.
This was first published in
December 2007
Dig deeper on SQL Server Security
Pro+
Features
Enjoy the benefits of Pro+ membership, learn more and join.
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical SQL Server challenges.
Meet all of our SQL Server experts
View all SQL Server questions and answers
0 comments
Oldest Newest