encrypt password stored in a table

In mssql server>enterprise manager, i save my user login and password in a table called tbluserlogin. How can i encrypt my password to ensure that other ppl cannot view the password even if he/she opens the tbluserlogin table. Please help. Thanks.
LVL 1
nwhanAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Guy Hengel [angelIII / a3]Billing EngineerCommented:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nwhanAuthor Commented:
thanks for the reference...but how/where do i put that codes of lines ? pls help...urgent..thanks man
Guy Hengel [angelIII / a3]Billing EngineerCommented:
you can use the function when writing the sql code, hence you cannot use it in the enterprise manager directly.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Guy Hengel [angelIII / a3]Billing EngineerCommented:
to be clear: you need to write the update/insert statement in the query analyser or any custom application running sql statements
nwhanAuthor Commented:
so u mean i execute your codes when i create users in a table ?
means at the same time i use "insert users" sql query, i'll have to include those codes of yours together? all at the same time when i create user?
Anthony PerkinsCommented:
Yes and also when you retrieve them you will have to decrypt them.

Or you could use SQL Server 2005 ...
nwhanAuthor Commented:
ic..but how do i decrypt them when i wanna retrieve the password?
isit when i put the codes together for "select" sql query ?
can u provide me some codes ? simple1...like save username and password(with encryption) into tbluserlogin and retrieving them(decrypt) ?
ShogunWadeCommented:
pwdencrypt doesnt have a decrypt function (at least not a legitimate one)  u use pwdcompare to compare an unencrypted value (supplied by the user) with the encrypted stored value.    or encrypt the value to user supplied and test for equality with the encrypted stored one.
Anthony PerkinsCommented:
See here:
http://www.devx.com/tips/Tip/14407

And of course you should understand that pwdencrypt and pwdcompare are undocumented functions and apparently have changed in SQL Server 2005.
nwhanAuthor Commented:
it works fine on the encrypting part...but when i need to authorise the user login, this part im having problem..how can i decrypt them in an easier way ?
Guy Hengel [angelIII / a3]Billing EngineerCommented:
you cannot decrypt. you can only compare the crypted value with the supplied password using the pwd_compare function.
Anthony PerkinsCommented:
>>how can i decrypt them in an easier way ? <<
Did you bother to read the article from the link I posted?
Anthony PerkinsCommented:
Fair enough.  What are you stuck on?  Please post the code you have so far.
nwhanAuthor Commented:
well, i just need to know how can i encrypt a password entered in txtpassword and to be passed it's encrypted value to another label(lblpassword). With that concept, i'll be able to do comparison with the existing password in my database table.

*Since ur encryption style works for sql query, how can i encrypt it through the coding part in vb.net coding?
Anthony PerkinsCommented:
>>how can i encrypt it through the coding part in vb.net coding? <<
You need to post in a more appropriate Topic Area such as:
http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/VB_DOT_NET/
nwhanAuthor Commented:
u mean you only know how to encrypt the password and save to db table ?
so you do not know how to encrypt the password entered to be compared to the encrypted password from the db table to authorise login?
ShogunWadeCommented:
Pass the unencrypted password from the client code into a a stored procedure or the likes and use the pwdcompare function, returning whether the pwd matched or not back to the client.
Anthony PerkinsCommented:
>>u mean you only know how to encrypt the password and save to db table ?<<
I don't believe English can be your first language, so I will try it again:  There are two options here:

1. If this question is related to "encrypt it through the coding part in vb.net coding" than it should be posted in a more appropriate Topic Area.  

2. If on the other hand you are trying to pass the password as clear text and do it all with T-SQL than you need to follow angelIII and ShogunWade's advice.  Just understand that pwdencrypt and pwdcompare are undocumented functions and are liable to be removed or changed.

So which is it?

In the meantime, you will find experts more responsive if you take the time to attend to the following abandoned question:
http://www.experts-exchange.com/Web/Hosting/Q_21715432.html
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server

From novice to tech pro — start learning today.