Password Hashing Overview In the world of web development and password storage, an ongoing debate lingers on, and probably will forever. The currently accepted “best practice” for hashing passwords is called Argon2 (wikipedia link to argon2). To give a brief overview of what it is, it takes any string (like...
security
The conflicting messages we get pertaining to online security are confusing to the casual user.
Allow me to explain…
Let me state my position from the outset: Favoring AD Groups for security in SQL Server over individual AD Logins is a mistake. I don’t care what the “best practice” is. It’s a headache with no discernible advantage.
After years of going to sslforfree.com every few months just to regenerate another SSL certificate for this site, I have discovered the way to handle it automatically.
When your security gets unruly, it can get time consuming to figure out how a user is accessing a SQL instance. Sometimes you may know that a user is getting access via one certain AD group but you aren’t sure if any other groups are granting access. Furthermore, a user...
Just a quick note on a scenario I ran into, and what I did to fix it. Scenario: A user was running a stored procedure that created a table. Rather than having a table created in the "dbo" schema, it was creating a table with their user name as the...
Maybe this is a one-off type of thing, but if you need to see every folder within a directory and get the list of who can access that folder, it can be done using PowerShell. The output is tab-separated and can easily paste into an Excel sheet. cls cd \\DIRECTORY_NAME\CHANGE_THIS...
Returns a report that has information about user permissions for an object, or statement permissions, in the current database. To find stored procedures that “username” can access: exec sp_helprotect @username = 'username' To see all objects in the database and who has access: exec sp_helprotect For complete capabilities see http://msdn.microsoft.com/en-us/library/ms190310.aspx
Update 08/28/2011: After doing some research, it seems that FirePGP is no longer an active project. That means that you cannot use all of the methods shown in that tutorial. But don’t worry because much of the other process is still valid. I’ll be posting a full tutorial on...