Ok, this isn’t a hack. It’s more of a tip that may help you protect data. Some of you would not have clicked a link to Andy’s Database Credentials Tip. You are welcome.
Provisioning an Azure SQL DB
When it’s time to provision an Azure SQL DB, I sometimes configure a username and password. (You can also use Azure Active Directory to connect to an Azure SQL DB instance).
Back in the day, I would use some generic – but easy to guess – name for the Administrator account. Something like “andy,” for example.
The LastPass Chrome extension includes a Generate Secure Password option:
I use this to generate the Server Admin Login value:
My thinking? Why give away half the key-value pair for logins?
LastPass isn’t the only way to generate a random string. I leverage it because, well, it’s right there in my browser already.
I cannot provide metrics for how often this trick has thwarted would-be attacks. I also do not know if this even slows bad guys down these days. But I’ve been doing this for a while and – if nothing else – it gives me a little peace of mind.