If your site policy requires simple binds for directory authentication of database users, as shown in LDAP Binding Options, consider that simple binding introduces security risks:
- Network connections to the database are vulnerable to man-in-the-middle attacks.
- Communications between the directory and the database transmit user identities and passwords across the network in plain text.
To eliminate the these security risks, Teradata strongly recommends that you configure SSL or TLS (preferred) protection for all systems that use simple binding.
SSL/TLS protection options may also benefit for systems using DIGEST-MD5 binding (the default). See Using SSL and TLS Protection for DIGEST-MD5 Binding.