Why does SQL Server change to single-user mode?

The two verification methods are significantly different.

The focus is on trusted connections and untrusted connections.

Windows authentication is more secure than Hybrid Authentication. When using this connection mode, SQL does not judge the SA password, but performs authentication only based on the user's windows permissions. This is called "trusted connection ", however, during remote connection, you cannot log on because of ntml verification.

Hybrid Authentication means that when a local user accesses SQL, Windows authentication is used to establish a trusted connection. When a remote user accesses SQL, Windows Authentication fails, for SQL Server Authentication (SA users can also log on to SQL), and establish a "untrusted connection", so that remote users can log on.

More directly, it is Windows authentication. If the SA password is not verified and the Windows logon password is incorrect, you cannot access SQL. in hybrid mode, you can use Windows authentication to log on, you can log on remotely using the SA password.

To be accurate, the Hybrid Authentication mode is based on Windows identity authentication and SQL Server identity Hybrid Authentication. In this mode, the system determines whether the account is trusted in the Windows operating system. For trusted connections, the system uses Windows Authentication instead of trusted connections, this connection includes not only remote users but also local users. SQL server automatically verifies the connection by the existence of the account and password matching. For example, when an SQL server instance runs on Windows 98, hybrid mode is required because Windows 98 does not support Windows Authentication mode.

Alter database dbname set single_user
Goalter database dbname set multi_user
Go