store sa password for the SQL Server?

  • Thread starter Thread starter Fredrik Melin
  • Start date Start date
F

Fredrik Melin

Hi,

my application need to "know" the sa password for the database it's using.
How should I store it? What encryption should I use?
Anyone have a .net sample how this is easiest done?

Regards
Fredrik Melin
 
.. . .
my application need to "know" the sa password for the
database it's using.
Click to expand...

No, it doesn't!

Your programs might - just /might/ - need a username/password
combination that gets it Database Owner permissions but it
*definitely* doesn't want to be going /anywhere near/ "sa".
(The sa account, BTW, would give you access to *every*
database on your server, not just one).

The /only/ things that should be using the "sa" account are your
System Administrators.

Regards,
Phill W.
 
You can use a variety of encryptions, there are already several wrapped
API's in existance for dotnet. Just search for crypt on planetsourcecode.
You'll find a ton of stuff there (prebuilt classes etc).

However, if you rusing a .config file to store it remember a few things. 1,
yes it is encrypted, but still availible to spying eyes that have access.
So if they figure out your key, your password is opened up.

2) once encrypted you won't be able to directly bind (Dynamic Property)
connection strings to sqlConnections.

If you can use Integrated Security, a lot easier to deal with once you have
it all setup.

-CJ
 
Yes, system admins, my application wraps certain things as create database,
create users, logins and so on, allowed only for "system administrators"

In MSDE 2.0 a db owner normal user does NOT have access (not same as SQL
server 2000) to create logins etc, only with SA can I perform those actions.
That is why I need it.

Regards
Fredrik
 
Nevermind, found the problem, as always microsoft problems always are solved
with another reboot.
 
My created account got sa privliges after the reboot, thought it was
something in the MSDE that didnt
allow created users to be sa, but it took a reboot for the MSDE to work
correctly. Therefor no need to save sa password :)
 
weird....

=)

Fredrik Melin said:
My created account got sa privliges after the reboot, thought it was
something in the MSDE that didnt
allow created users to be sa, but it took a reboot for the MSDE to work
correctly. Therefor no need to save sa password :)
Click to expand...
 
Back
Top