SQL Server 2005 introduced a means to enforce password and lockout policies for SQL Server login accounts when using SQL Server Authentication. SQL Server 2008 continues to do so.

I've got a SQL server that I'm reviewing that uses mixed mode authentication. I have an entry in the syslogins table that lists a user with a NULL password, this user is an NTUser that does have ...

If you are using mixed authentication mode (“SQL Server & Windows Authentication Mode”) you are vulnerable. SQL Server 2000, 2005, and 2008, running on all supported Windows platforms.

If it isn’t selected on your system, select it. We’ll use Windows Authentication Mode as opposed to SQL Server Mixed Mode. (Mixed Mode comprises Windows Security and SQL Server’s own ...

So, as I see it, my only alternative is to setup SQL server in mixed authentication mode, create a login for that user and then hard-code the username and password into the connection string.