i'm suprised this is just coming out now since 6.5 has had the same behavior for over a year. i've had the unfortunate experienc of working with both 6.5 and 7. both have a default sa password of "" and neither one prompt for the person installing to change the password. i can't tell you how may times i have been able to get into a mssql db because the person installing didn't know to set the sa password.
should we really be suprised by ms's lack of security?
Slashdot Mirror
should we really be suprised by ms's lack of security?