If you only care about protecting the login to the database, then you're OK, according to this MSDN article:
Credentials (in the login packet) that are transmitted when a client application connects to SQL Server are always encrypted.
But if you also care about protecting the data, then you should read the rest of the above MSDN link to learn about enabling SSL to protect the rest of the data stream.
Note also this older article which gives a caution on using ODBC connection (rather than the native tyep). I doubt you would be doing that, but just thought I'd mention it.