[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

encrypt password stored in a table

Posted on 2006-03-21
21
Medium Priority
?
7,072 Views
Last Modified: 2010-05-18
In mssql server>enterprise manager, i save my user login and password in a table called tbluserlogin. How can i encrypt my password to ensure that other ppl cannot view the password even if he/she opens the tbluserlogin table. Please help. Thanks.
0
Comment
Question by:nwhan
  • 6
  • 6
  • 4
  • +1
18 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 80 total points
ID: 16247489
0
 
LVL 1

Author Comment

by:nwhan
ID: 16248404
thanks for the reference...but how/where do i put that codes of lines ? pls help...urgent..thanks man
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16248452
you can use the function when writing the sql code, hence you cannot use it in the enterprise manager directly.
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16248468
to be clear: you need to write the update/insert statement in the query analyser or any custom application running sql statements
0
 
LVL 1

Author Comment

by:nwhan
ID: 16249142
so u mean i execute your codes when i create users in a table ?
means at the same time i use "insert users" sql query, i'll have to include those codes of yours together? all at the same time when i create user?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 16250067
Yes and also when you retrieve them you will have to decrypt them.

Or you could use SQL Server 2005 ...
0
 
LVL 1

Author Comment

by:nwhan
ID: 16250991
ic..but how do i decrypt them when i wanna retrieve the password?
isit when i put the codes together for "select" sql query ?
can u provide me some codes ? simple1...like save username and password(with encryption) into tbluserlogin and retrieving them(decrypt) ?
0
 
LVL 18

Assisted Solution

by:ShogunWade
ShogunWade earned 80 total points
ID: 16251441
pwdencrypt doesnt have a decrypt function (at least not a legitimate one)  u use pwdcompare to compare an unencrypted value (supplied by the user) with the encrypted stored value.    or encrypt the value to user supplied and test for equality with the encrypted stored one.
0
 
LVL 75

Assisted Solution

by:Anthony Perkins
Anthony Perkins earned 80 total points
ID: 16253692
See here:
http://www.devx.com/tips/Tip/14407

And of course you should understand that pwdencrypt and pwdcompare are undocumented functions and apparently have changed in SQL Server 2005.
0
 
LVL 1

Author Comment

by:nwhan
ID: 16257067
it works fine on the encrypting part...but when i need to authorise the user login, this part im having problem..how can i decrypt them in an easier way ?
0
 
LVL 143

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 16257164
you cannot decrypt. you can only compare the crypted value with the supplied password using the pwd_compare function.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 16264806
>>how can i decrypt them in an easier way ? <<
Did you bother to read the article from the link I posted?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 16276719
Fair enough.  What are you stuck on?  Please post the code you have so far.
0
 
LVL 1

Author Comment

by:nwhan
ID: 16278842
well, i just need to know how can i encrypt a password entered in txtpassword and to be passed it's encrypted value to another label(lblpassword). With that concept, i'll be able to do comparison with the existing password in my database table.

*Since ur encryption style works for sql query, how can i encrypt it through the coding part in vb.net coding?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 16286514
>>how can i encrypt it through the coding part in vb.net coding? <<
You need to post in a more appropriate Topic Area such as:
http://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/VB_DOT_NET/
0
 
LVL 1

Author Comment

by:nwhan
ID: 16287069
u mean you only know how to encrypt the password and save to db table ?
so you do not know how to encrypt the password entered to be compared to the encrypted password from the db table to authorise login?
0
 
LVL 18

Expert Comment

by:ShogunWade
ID: 16287075
Pass the unencrypted password from the client code into a a stored procedure or the likes and use the pwdcompare function, returning whether the pwd matched or not back to the client.
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 16289144
>>u mean you only know how to encrypt the password and save to db table ?<<
I don't believe English can be your first language, so I will try it again:  There are two options here:

1. If this question is related to "encrypt it through the coding part in vb.net coding" than it should be posted in a more appropriate Topic Area.  

2. If on the other hand you are trying to pass the password as clear text and do it all with T-SQL than you need to follow angelIII and ShogunWade's advice.  Just understand that pwdencrypt and pwdcompare are undocumented functions and are liable to be removed or changed.

So which is it?

In the meantime, you will find experts more responsive if you take the time to attend to the following abandoned question:
http://www.experts-exchange.com/Web/Hosting/Q_21715432.html
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why is this different from all of the other step by step guides?  Because I make a living as a DBA and not as a writer and I lived through this experience. Defining the name: When I talk to people they say different names on this subject stuff l…
MSSQL DB-maintenance also needs implementation of multiple activities. However, unprecedented errors can hamper the database management. In that case, deploying Stellar SQL Database Toolkit ensures fast and accurate database and backup repair as wel…
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Viewers will learn how to use the UPDATE and DELETE statements to change or remove existing data from their tables. Make a table: Update a specific column given a specific row using the UPDATE statement: Remove a set of values using the DELETE s…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question