Using the net password encryption option

A system security officer can use net password encryption to specify whether connections with a remote server are to be initiated with a client-side password encryption handshake or with the usual unencrypted password handshake sequence. The default is false.

If net password encryption is set to true:

  1. The initial login packet is sent without passwords.

  2. The client indicates to the remote server that encryption is desired.

  3. The remote server returns an encryption key, which the client uses to encrypt its plain text passwords.

  4. The client then encrypts its own passwords, and the remote server uses the key to authenticate them when they arrive.

This example sets net password encryption to true:

sp_serveroption GATEWAY, "net password encryption", true
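
One way to confirm the setting and to find remote servers that still use the unencrypted password handshake, as an added example that is not part of the original documentation. It assumes that bit 0x2 of master..sysservers.srvstatus records net password encryption and that srvid 0 is the local server entry.

```sql
-- Added example: enable the option for one remote server, verify it,
-- then audit every remote server definition.
-- GATEWAY is the remote server name used on this page.
use master
go

-- Must be run by a system security officer.
exec sp_serveroption GATEWAY, "net password encryption", true
go

-- Check the status column for the net password encryption setting.
exec sp_helpserver GATEWAY
go

-- Remote servers whose connections still start with the unencrypted
-- password handshake (the default, false).
-- Assumption: srvstatus bit 0x2 = net password encryption enabled;
-- srvid 0 = the local server, which is excluded.
select srvname, srvnetname, srvstatus
from master..sysservers
where srvid != 0
  and srvstatus & 2 = 0
order by srvname
go
```

An empty result from the last query means every remote server definition has the option set to true.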