Encrypting password fields in SQL Server

Third party application aren't necessary to create a password field inside a SQL Server database, or to decrypt the field when validating users. Just use an encryption algorithm in your application. A tool called Encryptionizer can do this for you.

I have received a request to have a password field inside of a database table encrypted. The user would like to also be able to decrypt the field when validating users. What is the best way to go about doing this? Does it require a third-party application?

It doesn't require a 3rd party application. You can do this yourself. All it requires is for you to utilize an...

encryption algorithm in your application. Data coming in is encrypted and then sent on to the SQL Server where it is stored. When a validating a user, it passes through your application where the process is reversed. I would very strongly recommend that when you are doing this, that algorithm is locked up and very tightly controlled. In no case should it ever be used to allow a user to decrypt the data and view it in a report or via some other manner. Once encrypted, the data should always be encrypted except during validation processes within your application which never retains the password. There is a third-party tool that can do this for you as well called Encryptionizer.

For More Information

Dig Deeper on SQL Server Security