Creating Security Accounts
New Information - SQL Server 2000 SP3.
Each user must gain access to an instance of Microsoft® SQL Server™ through a login account that establishes the user's ability to connect (authentication). This login then has to be mapped to a SQL Server user account, which is used to control activities performed in the database (permissions validation). Therefore, a single login is mapped to one user account created in each database the login is accessing. If no user account exists in a database, the user cannot access the database even though the user may be able to connect to an instance of SQL Server.
Security Note Avoid using the guest account; all logins without their own database permissions obtain the database permissions granted to this account. If you must use the guest account, grant it minimum permissions.
The accounts used to log in to SQL Server are either created in SQL Server (and use SQL Server Authentication) or are created in Microsoft Windows NT® 4.0 or Windows® 2000 and granted login rights (using Windows Authentication).
Security Note When possible, use Windows Authentication.