All administrator accounts should have a complex password, and password changes should be enforced.
It is also critical to have an up-to-date list of all the accounts.
The following options are available on this page: Securables.
Public check box
All SQL Server users, groups, and roles belong to the public fixed server role by default.
On the Standard bar, click New Query.
This is required in order to be able to identify the people behind each and every database change.
Under Enter the object names to select (examples), click Browse.
Use Active Directory and do not create SQL Server logins.
This ensures that logins must change their passwords on first logon.
For more information, see.
To unlock a login that is locked out, execute ALTER LOGIN with the UNLOCK option.
Restrict the access to the SQL Server backup folders.
Permission can be granted at the database, schema, or object level.
Limit the number of employees who have Windows Administrator access on the SQL Server.
As a best practice, you should limit administrative access to only those who really require it.
As a security principal, permissions can be granted to logins.
Do you have a checklist to start with?
In comparison to Windows Authentication mode, Mixed Mode Authentication supports both Windows accounts and SQL-Server-specific accounts to log in to SQL Server.
You can use SQL Server logins, but a complex password is a must.