The issue: SQL Server grand Server level permissions and database level permissions to all new users, which is a security issue. In this post I will present some of the permissions which any new login gets and how we can revoke or deny these permissions. This post based on the question asked in the MSDN forum and presents some theoretical options. Whether you should do it in production is another discussion...

This post present code to configure default configuration parameters for each new LOGIN created in the server instance. The code configures parameters like: default database, default language, password will not expire, and password policy will not be checked. The solution presented here is based on using DDL TRIGGER ON CREATE_LOGIN event and is part of an answer I gave on the MSDN forum.