The following describes logins and how they relate to security.
Using the “sa” login – when you install Adaptive Server, a single login called “sa” is configured with the system administrator and system security officer roles, which means that the “sa” login has unlimited control over what occurs in the database.
Use the “sa” login only during initial setup. Instead of allowing several users to use the “sa” account, establish individual accountability by assigning specific roles to individual administrators.
Changing the “sa” login password – the “sa” login is configured initially with a “NULL” password. Use sp_password to change the password immediately after installation.
WARNING! When logging in to Adaptive Server, do not use the -P option of isql to specify your password because another user may have an opportunity to see it.
Enabling auditing – enable auditing early in the administration process so that you have a record of privileged commands that are executed by system security officers and system administrators. You might also want to audit commands that are executed by those with other special roles, such as operators when they dump and load databases
Assigning login names – assign Adaptive Server login names that are the same as their respective operating system login names. This makes logging in to Adaptive Server easier, simplifies management of server and operating system login accounts, and makes it easier to correlate the audit data generated by Adaptive Server with that of the operating system.
