07 July, 2012 by Jack Vamvas
1) Use the CHECK_POLICY option of CREATE USER. This option enforces the Windows password policies of the SQL Server host on SQL Server logins. Include this setting as part of a SQL Server security policy.
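2) Turn on the "Failed logins only" option under Login Auditing:
-- AuditLevel 2 = audit failed logins only.
-- The new audit level takes effect after the SQL Server service is restarted.
USE [master]
GO
EXEC xp_instance_regwrite N'HKEY_LOCAL_MACHINE', N'Software\Microsoft\MSSQLServer\MSSQLServer', N'AuditLevel', REG_DWORD, 2
GO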
3) Generate a daily report using PowerShell and the SQL Server error logs. Work with application owners to identify and fix failed logon attempts.
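One way to build the daily report in step 3, as an added example that is not code from the original post: it parses "Login failed" lines in the SQL Server error log layout and counts failures per login and client address. The function name Get-FailedLoginReport, the threshold of 3 and the sample log lines are assumptions made for illustration.

```powershell
# Constructed sample lines in the SQL Server error log layout (not real data).
# In practice pass the text of the instance's ERRORLOG file instead.
$sampleLog = @'
2012-07-07 02:14:09.11 Logon       Error: 18456, Severity: 14, State: 8.
2012-07-07 02:14:09.11 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.23]
2012-07-07 02:14:10.52 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.23]
2012-07-07 02:14:11.87 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.0.23]
2012-07-07 09:30:41.03 Logon       Login failed for user 'app_orders'. Reason: Failed to open the explicitly specified database. [CLIENT: 10.0.0.51]
2012-07-07 09:31:02.10 spid52      Starting up database 'Sales'.
'@ -split '\r?\n'

# Hypothetical helper: one output row per (login, client) pair.
function Get-FailedLoginReport {
    param([string[]]$Line, [int]$Threshold = 3)

    # Timestamp, login name, optional reason text and client address.
    $pattern = "^(?<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\.\d+\s+Logon\s+Login failed for user '(?<login>[^']*)'\." +
               "(?:\s+Reason: (?<reason>.*?))?\s+\[CLIENT: (?<client>[^\]]+)\]"

    $events = foreach ($l in $Line) {
        if ($l -match $pattern) {
            [pscustomobject]@{
                Time   = [datetime]::ParseExact($Matches.ts, 'yyyy-MM-dd HH:mm:ss',
                             [cultureinfo]::InvariantCulture)
                Login  = $Matches.login
                Client = $Matches.client
                Reason = $Matches.reason
            }
        }
    }

    $events | Group-Object Login, Client | ForEach-Object {
        $sorted = @($_.Group | Sort-Object Time)   # force an array even for one event
        [pscustomobject]@{
            Login    = $sorted[0].Login
            Client   = $sorted[0].Client
            Failures = $sorted.Count
            First    = $sorted[0].Time
            Last     = $sorted[-1].Time
            Reasons  = ($sorted.Reason | Sort-Object -Unique) -join '; '
            # Repeated failures from one client are the rows to raise with the application owner.
            Review   = $sorted.Count -ge $Threshold
        }
    }
}

Get-FailedLoginReport -Line $sampleLog |
    Sort-Object Failures -Descending |
    Format-Table -AutoSize
```

With the constructed sample, the 'sa' login from 10.0.0.23 is reported with three failures and flagged for review, while the single 'app_orders' failure is listed but not flagged.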