Are SQL Server userid's and passwords passed in clear on the network?

 If you use multi-protocol net-lib with encryption then SQL standard security userids/passwords are encrypted along with the data.
When using an NT userid/trusted connection then passwords are not passed at all - the sids are used as in all NT credential checks.
If you are using SQL 7.0 client drivers talking to a 7.0 server then the SQL standard security userid/password is encrypted regardless of net-lib.
In any other case then the SQL standard security userid/password is sent in clear.

 

Security Administrator More info

     If the above options do not provide enough security for you, download Access manager for Windows.

Access manager provides much more security than standard ways in Windows.

More info

More articles about Security