Security is an Attitude not a Toolset Monday, 20 Oct 2003 I've been seeing numerious articles recently about security of web applications and the like. Where as it is a good thing if software venders remove all the buffer overflow holes, it will make no difference if people will insist on using "password" as a password on SQL Server SA accounts!