Home
Topics
Microsoft SQL Server Administration
SQL Server Security
Encrypting password fields in SQL Server

Encrypting password fields in SQL Server

I have received a request to have a password field inside of a database table encrypted. The user would like to also be able to decrypt the field when validating users. What is the best way to go about doing this? Does it require a third-party application?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

It doesn't require a 3rd party application. You can do this yourself. All it requires is for you to utilize an encryption algorithm in your application. Data coming in is encrypted and then sent on to the SQL Server where it is stored. When a validating a user, it passes through your application where the process is reversed. I would very strongly recommend that when you are doing this, that algorithm is locked up and very tightly controlled. In no case should it ever be used to allow a user to decrypt the data and view it in a report or via some other manner. Once encrypted, the data should always be encrypted except during validation processes within your application which never retains the password. There is a third-party tool that can do this for you as well called Encryptionizer.

For More Information

Dozens more answers to tough SQL Server questions from Michael Hotek are available here.
The Best Microsoft SQL Server Web Links: tips, tutorials, scripts, and more.
The Best SQL Web Links
Have a SQL Server tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
Ask your technical SQL Server questions -- or help out your peers by answering them -- in our live discussion forums.
Ask the Experts yourself: Our SQL, database design, SQL Server, DB2, object-oriented and data warehousing gurus are waiting to answer your toughest questions.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in October 2003

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Business Analytics
Data Center
Data Management
Data Management UK
Oracle
Content Management
Windows Server

Business Analytics
- Real-time data analytics aims to boost businesses' speed of thought
  
  Real-time business intelligence can help improve operational decisions by enabling BI to be done in business systems. Read about how to make it work.
- Strata speaker calls for increased focus on data scientist education
  
  Society should do more to encourage the next generation of data scientists, according to a speaker at last week's O'Reilly Strata Conference.
- Strata speaker cites key characteristics for success in data science
  
  Senior research scientist Rachel Schutt offers a rundown of the common traits shared by people who have been successful in the field of data science.
Data Center
- Desktop market matures but VDI challenges remain
  
  Tools enable companies to reduce support costs, boost security and lower energy consumption, but more is needed to overcome VDI challenges.
- Cloud, converged systems make server hardware future murky
  
  Server hardware has ruled the data center landscape for many years, but may be usurped as enterprises embrace converged systems and other new tech.
- Using Zabbix with embedded devices via SNMP monitoring
  
  Some devices you want to monitor with Zabbix cannot have software installed. For these appliances, SNMP monitoring may be the right choice.
Data Management
- Data management platform adds analytics for digital marketers
  
  Data management platform Crowd Control puts more analytics power into the hands of digital marketers and media buyers.
- Motorcycle icon Yamaha updates dealer site with fast database drivers
  
  Database drivers are sometimes an afterthought. But JDBC drivers came to the fore when Yamaha Motor Europe rebuilt its e-commerce website for dealers.
- Business intelligence and data warehousing trends aired at TDWI event
  
  In a podcast, TechTarget editors detail the business intelligence and data warehousing topics discussed at the 2013 TDWI conference in Las Vegas.
DataManagement UK
- Big data roundtable webcast: gaining value from big data
  
  Roundtable discussion on business value of big data, chaired by Brian McKenna, Editor, SearchDataManagementUK, and featuring Mike Ferguson, Roxane Edjlali (Gartner), Joshua LeCure (GlaxoSmithKline).
- 2012 training courses: BI, data management, data warehousing
  
  Find out where to hone your business intelligence, data management and data warehouse skills with this list of training courses for 2012.
- Poor data quality: what is dirty data costing UK organisations?
  
  Poor data quality can have serious financial consequences for businesses. Read about the current state of data quality management at UK companies, including dirty data problems.
Oracle
- Oracle Database Appliance x3-2 due out Tuesday
  
  A major upgrade to the Oracle Database Appliance x3-2 gives it some of the Exadata platform's high-end features, although it isn't quite there yet.
- Weigh the benefits of Oracle on mainframe vs. x86
  
  Until recently, big databases always meant using big iron. But as software and hardware evolves, Oracle on mainframe is becoming less common.
- Managing the cost-based optimizer in E-Business Suite
  
  An OAUG board member and Oracle Applications DBA explains how to use the cost-based optimizer to manager E-Business Suite stats.
Content Management
- Rich media flood pushes digital asset management strategy to forefront
  
  Without an effective plan for managing digital assets, the increasing digital content collected by organizations could end up being a real headache.
- Avoid the pitfalls of cloud collaboration management
  
  Analyst Tim Walters explains how to build a strong case for cloud collaboration management and how to avoid problems that pop up along the way.
- Podcast: Who should be in charge of an enterprise search deployment?
  
  Organizations looking to set up an effective enterprise search deployment need to carefully consider the person they pick to lead the initiative.
Windows Server
- Seven things to know about Windows Server 2012 deduplication
  
  It's no magic bullet, but Windows Server 2012 deduplication can help alleviate rising data storage demands.
- The greening of Windows Azure: Microsoft ready to take on AWS
  
  Microsoft's Windows Azure strategy -- integration with System Center 2012 and a low price -- make it a viable alternative to AWS for cloud computing.
- Overcoming Server Core installation woes in Windows Server 2012
  
  Don't run away from a Server Core installation in Windows Server 2012. Follow these simple steps for a successful transition.

All Rights Reserved,Copyright 2005 - 2013, TechTarget