I was asked this today and I honestly did not know the answer. If you connect using a connection string without sspi to a server is there any way a 3rd party can intercept on the wire the password used to log in?
"Data Source=MyServer;Initial Catalog=MyDatabase;User Id=sa;Password=CanThisBeSniffed;"
I am not asking about MiTM attacks just someone listing on the same computer or on the same hub on the network with wireshark or something similar running.
I fired up wireshark myself and did not see it in plain text but it could be a simple obfuscation or proper encryption, I just wanted to know which.