Authentication


Check

Description

Windows authentication is used to connect to the database.

Strong passwords are used and enforced.

If SQL Server authentication is used, the credentials are secured over the network by using IPSec or SSL, or by installing a database server certificate.

If SQL Server authentication is used, connection strings are encrypted by using DPAPI and are stored in a secure location.

Application connects using a least-privileged account. The sa account or other privileged accounts that are members of the sysadmin or db_owner roles are not used for application logins.




Improving Web Application Security. Threats and Countermeasures
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net