If you write code for Microsoft SQL Server then you probably want to know how to prevent SQL injection attacks. Paul Litwin, chair of the Microsoft ASP.NET Connections conference and owner of Deep Training , wrote an article, "Stop SQL Injection Attacks Before They Stop You," that is now posted at Microsoft's website. Litwin gives lengthy advice on sanitizing input, using least privileges, storing secrets securely, and more