How do most companies create secure connections to a SQL Server from a .net Microsoft ... this application is that it the configuration file contains the Username and Password to connect to ...

Sentrigo, a database security software company, has discovered a flaw in Microsoft SQL Server that allows any user with administrative privileges to read the unencrypted password of all other users.

For more than a year, Microsoft has been sitting on a purported SQL Server vulnerability that could enable a malicious insider to obtain users' passwords, claims database security vendor Sentrigo.