SQL Server supports two authentication modes:
- Windows authentication mode
- Mixed mode.
Windows authentication is the default, and is often referred to as integrated security because this SQL Server security model is tightly integrated with Windows. Specific Windows user and group accounts are trusted to log in to SQL Server. Windows users who have already been authenticated do not have to present additional credentials.
Mixed mode supports authentication both by Windows and by SQL Server. User name and password pairs are maintained within SQL Server.
The Windows password policy checks the minimum password length, the password history (a password can't be used if it is the same as one of the previous N passwords), the minimum password life (a password can't be changed within a minimal time since creation) and the maximum password life (a password is forced to expire after the maximum life). A login can also be locked out if the wrong password is entered a certain number of times in a row.
SQL Server provides Windows password policy mechanisms for SQL Server logins when it is running on Windows Server 2003 or later versions. SQL Server can apply the same complexity and expiration policies used in Windows Server 2003 or later versions to passwords used inside SQL Server.
Windows – Local security policy – Account policy:
When we create a new SQL Server/database user, we enforce the parallel Windows password policy in order to standardize and secure our SQL Server authentication. This Windows password policy is controlled by Active Directory (AD); in most cases a similar policy is applied all over the domain/groups.
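The following T-SQL is an added example, not part of the original post. It shows how a SQL Server login is created with the Windows password policy enforced, and how to find existing SQL logins that bypass it. The login name and the password placeholder are assumptions for illustration.

```sql
-- Added example: the login name and password are constructed placeholders.

-- 1. Check the authentication mode of the instance.
--    1 = Windows authentication only, 0 = mixed mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. Create a SQL Server login that is subject to the Windows password policy.
--    CHECK_POLICY = ON enforces the password policy of the host (or domain).
--    CHECK_EXPIRATION = ON enforces password expiration and requires
--    CHECK_POLICY = ON.
CREATE LOGIN [app_reporting_login]                    -- hypothetical name
    WITH PASSWORD = N'<replace-with-generated-secret>', -- placeholder value
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;

-- 3. Audit: list SQL logins that are exempt from policy or expiration checks,
--    together with their lockout and expiry state.
SELECT name,
       is_disabled,
       is_policy_checked,
       is_expiration_checked,
       LOGINPROPERTY(name, 'IsLocked')            AS is_locked,
       LOGINPROPERTY(name, 'IsExpired')           AS is_expired,
       LOGINPROPERTY(name, 'BadPasswordCount')    AS bad_password_count,
       LOGINPROPERTY(name, 'PasswordLastSetTime') AS password_last_set,
       LOGINPROPERTY(name, 'DaysUntilExpiration') AS days_until_expiration
FROM sys.sql_logins
WHERE is_policy_checked = 0
   OR is_expiration_checked = 0
ORDER BY name;

-- 4. Remediate a login found by the audit (same hypothetical name as above).
ALTER LOGIN [app_reporting_login]
    WITH CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;
```

Windows logins do not appear in `sys.sql_logins`; their passwords are governed directly by the Windows or Active Directory policy.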
For more information:
-by : MD ULLAH