Home     |     .Net Programming    |     cSharp Home    |     Sql Server Home    |     Javascript / Client Side Development     |     Ajax Programming

Ruby on Rails Development     |     Perl Programming     |     C Programming Language     |     C++ Programming     |     IT Jobs

Python Programming Language     |     Laptop Suggestions?    |     TCL Scripting     |     Fortran Programming     |     Scheme Programming Language


 
 
Cervo Technologies
The Right Source to Outsource

MS Dynamics CRM 3.0

Sql Server Programming

Encrypt or decrypt our password


Friends,

   I have plan to store application passwords in there database.
   So how i can Encrypt or decrypt our password.

  Is there any other way to store the password.

Regards
Rahul

Hi
Do you use SQL Server 2005?

"Rahul" <verma.car@gmail.com> wrote in message

news:1173264193.458833.87520@n33g2000cwc.googlegroups.com...

HI

SQL 2000 does not have any built-in column value encryption technique, you
have to relay on 3rd party app. but 2005 support simple symmetric encryption

VT

"Uri Dimant" <u@iscar.co.il> wrote in message

news:e1EgjuKYHHA.3996@TK2MSFTNGP02.phx.gbl...

Hello Rahul,

If it is SQL 2000, then encrypt the password in the application layer
itself. If it is SQL 2005, you could use the new SYMMETRIC or ASymetric
encrytions
available in SQL Server itself.

Take a look into the article which details the encryption with examples.

http://www.microsoft.com/technet/itshowcase/content/sqldatsec.mspx

http://www.sqlservercentral.com/columnists/mcoles/sql2005symmetricenc...

Thanks
Hari

"Rahul" <verma.car@gmail.com> wrote in message

news:1173264193.458833.87520@n33g2000cwc.googlegroups.com...

there are undocumented functions pwdencrypt and pwdcompare in SQL
2000. ;)

Hari Prasad rae:

> there are undocumented functions pwdencrypt and pwdcompare in SQL 2000. ;)

These undocumented functions can break applications when behavior changes
between service packs/versions.  I wouldn't go there ;-)

--
Hope this helps.

Dan Guzman
SQL Server MVP

"kuNDze" <kun@gmail.com> wrote in message

news:1173274028.572441.28990@q40g2000cwq.googlegroups.com...
there are undocumented functions pwdencrypt and pwdcompare in SQL
2000. ;)

Hari Prasad rase:

If you are using SQL 2000, you can do the encryption and decryption in the
middle tier and send the encrypted password into SQL Server as binary.

vt stated that SQL 2005 has simple symmetric encryption, which isn't the
whole story. As Hari already noted, if you are using SQL 2005, you can do
symmetric and asymmetric encryption, and as simple or complex as one
desires.

PLEASE - Whatever you do, use a real encryption algorithm and not home-grown
encryption like XOR or bit shifting!

--
Peter DeBetta, MVP - SQL Server
http://sqlblog.com
--

"Rahul" <verma.car@gmail.com> wrote in message

news:1173264193.458833.87520@n33g2000cwc.googlegroups.com...

On 7 Mar, 10:43, "Rahul" <verma.car@gmail.com> wrote:

> Friends,

>    I have plan to store application passwords in there database.
>    So how i can Encrypt or decrypt our password.

>   Is there any other way to store the password.

> Regards
> Rahul

Are you sure you want to encrypt the passwords? The only good excuse
for doing so is if you need to support some kind of password recovery.
Password recovery has its own security problems so avoid it if you
can.

Best practice is to hash the password rather than encrypt it. Good
password management rules are a must as well. You can hash passwords
either with the HashBytes function in SQL Server 2005 or with
Microsoft's crypto API in any other version.

--
David Portas, SQL Server MVP

Whenever possible please post enough code to reproduce your problem.
Including CREATE TABLE and INSERT statements usually helps.
State what version of SQL Server you are using and specify the content
of any error messages.

SQL Server Books Online:
http://msdn2.microsoft.com/library/ms130214(en-US,SQL.90).aspx
--

Add to del.icio.us | Digg this | Stumble it | Powered by Megasolutions Inc