Q
Problem solve Get help with specific problems with your technologies, process and projects.

Encrypting password fields in SQL Server

Third party application aren't necessary to create a password field inside a SQL Server database, or to decrypt the field when validating users. Just use an encryption algorithm in your application. A tool called Encryptionizer can do this for you.

I have received a request to have a password field inside of a database table encrypted. The user would like to also be able to decrypt the field when validating users. What is the best way to go about doing this? Does it require a third-party application?

It doesn't require a 3rd party application. You can do this yourself. All it requires is for you to utilize an...

encryption algorithm in your application. Data coming in is encrypted and then sent on to the SQL Server where it is stored. When a validating a user, it passes through your application where the process is reversed. I would very strongly recommend that when you are doing this, that algorithm is locked up and very tightly controlled. In no case should it ever be used to allow a user to decrypt the data and view it in a report or via some other manner. Once encrypted, the data should always be encrypted except during validation processes within your application which never retains the password. There is a third-party tool that can do this for you as well called Encryptionizer.

For More Information

This was last published in October 2003

Dig Deeper on SQL Server Security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchBusinessAnalytics

SearchDataCenter

SearchDataManagement

SearchAWS

SearchOracle

SearchContentManagement

SearchWindowsServer

Close