Give your opinion, whether you agree or not.

Windows Authentication the account is in the Active Directory for the Domain. The SQL conducts the checks whether the permissions were granted, or the passwords work effectively. The process done by the server helps in account management, and the process of securing passwords. The system can be made more effective using password security policies such as how to use the passwords and the creation of strong passwords. On the other hand, the SQL Server Authentication is whereby the account is found in the SQL server but not in the Domain. Therefore, the username and passwords are operated from a master database. For example, changing passwords are done within the SQL servers. The organization's policies also guide the use of passwords.

The SQL Server performs authentication from the connection of a nontrusted connection by checking if the SQL used in the log is well-setup and if the password from the untrusted user matches with the recorded or stored password. If the SQL has no login information, then the process fails, and the user cannot access the systems. The user receives an error message that prompts a denial of access. It is not advisable to enable the SA account in SQL Server because it might be exposed to hackers. The SA account should be locked completely and operated by one person. The SA account is well known and most targeted by malicious users; so, it is advisable not to enable the account unless it should be used in the operations.