So and end user has decided they need a new login created on your SQL Server to complete a project/assignment. Immediately a question explosion happens in your mind, right? What will the login name be? What will this login need access to? What will be done with it? Who will have access to the password? How complicated should the password be? You get the point.
Well, today I’m offering up a solution for one of the questions that may seem menial, but to me it’s a pet peeve. How to provide the password to an end user in a simple way without putting it in an email or typing it in an IM or writing it on a sticky note (you wouldn’t do that would you??? hmmmm). Yes, a phone call is a perfectly good way of controlling the sitaution, but I often find people people always want to copy and paste and sometimes I’d rather not make myself instantly accessible to an end user and this is a nice buffer. Below is a process I’ve used for years to provide this information and it’s treated me well.
Secure-Table Method
Once you have the login and password defined in your SQL Server and have granted the appropriate permissions:
1) Create a table (often I just do this in master as every login should have public access to the DB) defined with two columns; one for the login name and one for the password
2) Insert the login name and the password into the table you created
3) Grant SELECT permissions ON the table you created TO the end user who needs to know (only you, the end user you granted permissions to, and any other System Admins should then have access to this table)
4) Once the user has confirmed they have the login name and password, simply drop the table
Additionally, you could create a database specifically for this purpose and add a layer of encryption, but that’s up to you.
I realize this may be a bit overkill for some. But I like security, and I like sleeping at night. Putting a password into any insecure media, able to be accessed by who knows who, and for how long, asks me to question how long I should expect to keep my job.
Anyway, just a solution I thought I’d document. If it helps anyone, great. If not, only cost me about 30 minutes of my life Image may be NSFW.
Clik here to view.
