I use NT Authentication myself. This way I can see who did what and roll back transactions on a user if needed. Their NT Userid is what I use.

In code:
* connect to the server
lcConStr = "DRIVER=SQL Server;SERVER=A23339\SR_TEST;TrustedConnection=Yes "
lhX = SQLStringConnect( lcConStr )

HTH

__Stephen

>Hi everyone!
>
>I'm just wondering what people here use for basic authentication when it comes to client-server applications. For simplicity, I'll assume a VFP frontend (of course) and a MS SQL Server backend.
>
>When making the connection to SQL, do you usually connect using a user-provided username/password (or NT security, if available), meaning that you create each of your users in SQL (or add NT users)...
>
>- or -
>
>do you create a single user for your application (MyAppUser) on SQL Server, connect using that user and then [optionally] authenticate users with a username/password table in the database?
>
>I'm not talking about a large-scale web application where you have no idea who's going to log in with your apps, but rather a "traditionnal" client-server application where you know who's going to connect (within a business). In my case, I'm thinking along the lines of 15 to 20 users.
>
>I'm asking because I see advantages and inconveniences on both approaches, and I can't say I like one way over the other, so I thought I'd ask what other people do!
>
>Thanks!