I'm new to MS SQL Server.
Colleagues working in IT security, have run an scan showing come DB users with null password.
Some of them are ( # included )
##MS_SQLResourceSigningCertificate##
##MS_SQLReplicationSigningCertificate##
##MS_SQLAuthenticatorCertificate##
##MS_PolicySigningCertificate##
##MS_SmoExtendedSigningCertificate##
##MS_AgentSigningCertificate##
I suspect they are not a security threat but, since they don't use Windows Authentication either, I don't know how to support that assumption.
What are these logins for ?
Best Answer
These logins are created from a certificate. In fact, if you run the following query:
You will see that they are of type
CERTIFICATE_MAPPED_LOGIN
. They are used typically to sign code. And you cannot use a certificate mapped login to connect with SQL Server. Please see this BOL reference onCREATE LOGIN
: