Best Practise to store Database Master Key
Posted on 2008-01-28
I have two questions here :
1) I wanted to know wht are the best practices for storing the Database Master Key that is used for encrypting the database. The vendor suggested us to store the password for database masterkey on a piece of paper and keep the paper at a secure location, which I didnt agree with? Just taking a backup of the key on a flash drive is betteR? How would you argue the hard copy is bad?
2) Application connecting to back end sql server access encrypted data, where should the encryption keys be stored as a best practice...definitely not coded in the application that is wrong. One solution I thought was to store it in the registry of sql server, which gets decrypted when the application with appropriate user credentials connects to the sql server . any suggestion are welcome