A. If you use multi-protocol net-lib with encryption then SQL standard security userids/passwords are encrypted along with the data.

When using an NT userid/trusted connection then passwords are not passed at all - the sids are used as in all NT credential checks.

If you are using SQL 7.0 client drivers talking to a 7.0 server then the SQL standard security userid/password is encrypted regardless of net-lib.

In any other case then the SQL standard security userid/password is sent in clear.