3.4 Ensure SQL Authentication is not used in contained databases

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Contained databases do not enforce password complexity rules for SQL Authenticated users.


The absence of an enforced password policy may increase the likelihood of a weak credential being established in a contained database.


While contained databases provide flexibility in relocating databases to different instances and different environments, this must be balanced with the consideration that no password policy mechanism exists for SQL Authenticated users in contained databases.


Leverage Windows Authenticated users in contained databases.

Default Value:

SQL Authenticated users (USER WITH PASSWORD authentication) are allowed in contained databases.

See Also