March 14, 2008

Understanding Authentication and Authentication Mode in Sql Server 2005

There is a difference between 'Authentication' and 'Authentication mode' in SQL Server 2005.

Authentication (2 types) - Windows and SQL Server Authentication.

Authentication mode (2 types) - Windows Authentication mode and Mixed Mode.

When using 'Windows authentication mode' you can only use Windows authentication to connect to SQL Server. When using 'Mixed mode' you can use either 'Windows authentication' or 'SQL Server authentication' to connect to SQL Server 2005

When to use what?

'Windows Authentication Mode' is much more secure than Mixed Mode. Windows Authentication utilizes Kerberos security protocol. Remember that in a typical installation, Windows Authentication is the default security mode. So when a user having a Windows user account connects to SQL Server, the server validates the account credentials using information in the Windows operating system.

SQL Server Authentication is provided for backward compatibility only. Whenever possible, use Windows Authentication.

If all the users users accessing the database are Microsoft Windows users, use 'Windows authentication mode' . If your environment consists of Windows users and Non-Windows users use 'Mixed mode'.

About The Author

Suprotim Agarwal, ASP.NET Architecture MVP works as an Architect Consultant and provides consultancy on how to design and develop Web applications.

Suprotim is also the founder and primary contributor to DevCurry, DotNetCurry and SQLServerCurry. He has also written an EBook 51 Recipes using jQuery with ASP.NET Controls.

Follow him on twitter @suprotimagarwal

1 comment:

rinigaur said...

Excellent, Easy to understand Thanks :)