Summary of Login ID Information

Following are brief descriptions of the information you manage while administering login IDs. This is summary information presented for quick reference purposes only. For more information about login IDs and how they act within the overall scheme of SQL Server security, see Chapter 8, Security Concepts.

Login Name

Specifies the SQL Server login identifier (login ID). A login ID allows user access to a SQL Server. It can have as many as 30 characters and must be unique for that server. The characters can be alphanumeric, but the first character must be a letter or the symbols # or _ (for example, CHRIS or TELLER8).

Password

Provides for secure use of the login ID. A password can have as many as 30 characters.

Because a password is confidential, it does not appear on the screen when you type it. The default password is NULL. If you leave the password box empty, the login ID will not have a password associated with it. Passwords that include characters other than A through Z or a through z or that begin with 0 through 9 must be enclosed in quotation marks.

When using standard or mixed security, you should not use a NULL password. With integrated security, there is no need to maintain passwords. However, if you change to standard or mixed security, anyone can log in if there are no passwords, so it is a good idea to set random passwords.

Default Language

Specifies the default language that a user uses for communicating with a server. Once the default language is set, the user is automatically logged in as using that language. Only the languages available to the server are available to the user. If when creating a login ID you do not specify a language, the server's default language is assigned.

Database Access

Provides settings that allow you to determine which databases the login ID can access.

Permit

Allows access to the database by the login ID user.

Default

Is the database that the user is connected to immediately after logging in to SQL Server. After the default database is changed, the user is connected to the new default database at the next login. However, before a user can access objects in the new default database, the user must have user permissions for the database.

If a default database is not assigned, the default database is master. It is recommended that you assign users to a default database other than master, to discourage users from creating database objects in the master database.

User

Specifies a username the login ID will use to access the database. By default, the user's login ID is entered. You can change the name. When you add the login ID, the specified database usernames are also added to the database.

A database username can have as many as 30 characters. The characters can be alphanumeric, but the first character must be a letter or the symbols # or _. If you don't type a username, the username is the same as the user's login ID.

Alias

Allows you to treat more than one person as the same user inside a database, giving all of them the same privileges. You can assign a login ID to an alias (instead of giving it a unique username). You cannot create database aliases while adding login IDs. You can only select from those aliases that already exist.

Aliases are often used so that several users can assume the role of database owner. Aliases can also be used to set up a collective user identity, within which the identities of individual users can be traced.

Group

Groups provide a convenient way to grant or revoke permissions to more than one user with a single statement. You can assign a database group to a login ID. While adding login IDs, you cannot create database groups; you can only select from those groups that already exist.

When a user is added to a database, if no group is specified, the user belongs to the public group.

For more information about database users, database aliases, and database groups, see Managing Database Users.