While not perfect, the T-SQL function CRYPT_GEN_RANDOM() generates cryptographically secure random number values using the Windows Crypt-API. Read on to get all the details on how to use it and when to avoid it.
Ownership chaining is a powerful tool for permission management. However, in some situations it can be misused to gain unauthorized access to a securable. Read on to see this in action.
The ownership chain enables us to setup guarded access in SQL Server. Guarded access means to grant securable access only through a procedure or view. That module can then be used to enforce additional security requirements. Read on to see how the ownership chain makes this possible.
The error message “An implicit user creation has failed.” indicates that SQL Server tried to create a user automatically and failed. Read on to see when and why this happens.
While we can capture true randomness, for typical applications we need a faster way to produce random numbers. Read on to see how in those cases a Pseudo Random Number Generator or Cryptographically Secure Pseudo Random Number Generator can be used.