• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 513
  • Last Modified:

using an SQL Table as the source for sql logins?

Hi all,

Im just wondering if its possible to use an SQL table as the source for SQL logins, basically i want the logged in users credentials to log in as the sql connection string.

ID presume thats how most login sites do it? or do they have a connection string with 1 login? is that secure?

3 Solutions
i cant speak for all software developers but the most of them are using a connection string for login to sql servers and implement the security as a part of their software.
Guy Hengel [angelIII / a3]Billing EngineerCommented:
you can of course create as many sql logins as you want, and use that one for the connection.
otherwise, if you created your own table, you use 1 single sql login for the connection string, and do a "application wise" login (checking the username/password) in your own table.
Julian HansenCommented:
As far as I know standard practice is

App has a login to SQL
Table in database stores app logins.

I don't think one is more secure than the other - I usually store connection strings in a resource that is not browsable (file / registry) so the only way to get it is to get access to the physical server. Or using preferably using Integrated security so only the IIS user account has access.

Creating a new user in SQL for each new login is possible but quite complex compared to adding a row to a table. One could argue it is more secure than the stored user name and password method but it is on a par with Integrated security so I would go with that.

Setup your server with integrated security and manage the logins in a table.
awilderbeastAuthor Commented:

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Tackle projects and never again get stuck behind a technical roadblock.
Join Now