I am in the process of tightening the belt on security on my inherited SQL Server system and I have a web developer who has been using the same login for multiple applications pointing to multiple corresponding databases.
Also, this developer has a bad habit of not specifying the Application Name in the connect string.
The issue I see here is that I am running a SQL Trace to locate specific users being used by our web apps. I noticed some questionable code that could be vulnerable to injection.
The problem is I cannot tell what app, and I can't tell by user either.
My common sense tells me that if I had an injection attack I would not be able to pinpoint the actual application in question. Also it seems to me that if someone hacked the username and password for one of these, the whole lot of databases (and/or more) are in deep s**t. Granted, if someone could brute force a password from one, what would stop them from any other one, but at least it would slow them down.
Just would like a bit of confirmation on my thoughts or if you have some wisdom you can share!
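Two checks that follow from the post, as an added example that is not part of the question or any answer: an audit over exported trace rows that flags sessions with no usable Application Name and logins that touch more than one database, and a lint for a SqlClient-style connection string that rejects one without the `Application Name` keyword. The trace rows are constructed sample data; the column names (`LoginName`, `DatabaseName`, `ApplicationName`, `TextData`) follow the usual SQL Trace / Profiler export columns, and treating `.Net SqlClient Data Provider` as "unidentified" relies on that being the provider's default program name when none is set, which is an assumption you should verify against your own captures.

```python
"""Offline audit helpers for shared logins and missing Application Names.

Constructed example for a SQL Server DBA reviewing a trace export:
  1. audit_trace(rows): count rows whose ApplicationName is empty or is just
     the driver default, and list logins used against more than one database.
  2. check_connection_string(cs): confirm a SqlClient-style connection string
     carries an "Application Name" (or "App") value so the app shows up in
     traces and in sys.dm_exec_sessions.program_name.
"""
from collections import defaultdict

# Values that do not identify an application. The second entry is the
# SqlClient default program name when no Application Name is set (assumption;
# confirm against your own trace before relying on it).
UNIDENTIFIED_APP_NAMES = {"", ".Net SqlClient Data Provider"}

# Constructed sample rows, not real data from the question.
SAMPLE_TRACE = [
    {"LoginName": "webapp_user", "DatabaseName": "OrdersDB",
     "ApplicationName": "", "TextData": "SELECT * FROM Orders WHERE Id = 12"},
    {"LoginName": "webapp_user", "DatabaseName": "HRDB",
     "ApplicationName": "", "TextData": "SELECT * FROM Staff WHERE Name = 'x'"},
    {"LoginName": "reports_user", "DatabaseName": "ReportsDB",
     "ApplicationName": "NightlyReports", "TextData": "EXEC dbo.BuildReport"},
    {"LoginName": "webapp_user", "DatabaseName": "OrdersDB",
     "ApplicationName": ".Net SqlClient Data Provider",
     "TextData": "SELECT * FROM Orders"},
]


def audit_trace(rows):
    """Return counts of unidentified sessions and the logins shared across DBs."""
    unidentified = [
        r for r in rows
        if r.get("ApplicationName", "").strip() in UNIDENTIFIED_APP_NAMES
    ]
    dbs_by_login = defaultdict(set)
    for r in rows:
        dbs_by_login[r["LoginName"]].add(r["DatabaseName"])
    # A login seen against two or more databases is the "one login, many apps"
    # pattern the post describes: one leaked credential reaches all of them.
    shared_logins = {
        login: sorted(dbs) for login, dbs in dbs_by_login.items() if len(dbs) > 1
    }
    return {
        "unidentified_rows": len(unidentified),
        "shared_logins": shared_logins,
    }


def parse_connection_string(cs):
    """Split 'key=value;key=value' into a dict with lower-cased keys."""
    parts = {}
    for piece in cs.split(";"):
        if "=" not in piece:
            continue
        key, value = piece.split("=", 1)
        parts[key.strip().lower()] = value.strip()
    return parts


def check_connection_string(cs):
    """Return (True, app_name) if an Application Name is present, else (False, reason)."""
    parts = parse_connection_string(cs)
    # SqlClient accepts both "Application Name" and the short form "App".
    app_name = parts.get("application name") or parts.get("app")
    if not app_name:
        return False, "missing Application Name"
    return True, app_name


if __name__ == "__main__":
    print(audit_trace(SAMPLE_TRACE))
    print(check_connection_string(
        "Server=db1;Database=OrdersDB;User Id=orders_app;Password=x;Application Name=OrdersWeb"))
    print(check_connection_string(
        "Server=db1;Database=OrdersDB;User Id=webapp_user;Password=x"))
```

Run it against a CSV export of your own trace (one dict per row) to get a quick list of which logins need splitting into per-application accounts; the connection-string check is cheap enough to drop into a deployment gate so a config without an Application Name never reaches production.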