Solved

How to handle/store SQL Server master key password? Thick client (C#, .NET 4) and SQL Server 2008 Express

Posted on 2010-08-18
4
738 Views
Last Modified: 2012-05-10
I have the need to encrypt/decrypt passwords for databases in my application. I will use the built-in encryption/decryption functions in SQL Server to store them in my SQL Server database.
BUT what is a good approach for handling the master key password?
Hide it in the client code!? Users of the client should not know this password.
0
Comment
Question by:jerra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
dhlotter earned 500 total points
ID: 33463508
Database Master Key
A database master key must be generated explicitly using the below command:

Each database has a different master key, ensuring that a user with access to decrypt
data in one database cannot also decrypt data in another database without being granted
permission to do so.
The database master key is used to protect any certifi cates, symmetric keys, or asymmetric
keys that are stored within a database. The database master key is encrypted using Triple DES
and the user-supplied password. A copy of the database master key is also encrypted using the
service master key such that automatic decryption can be accomplished within the instance.
When you make a request to decrypt data, the service master key is used to decrypt the
database master key, that is used to decrypt a certifi cate, symmetric key, or asymmetric key,
and in turn is used to decrypt the data.

CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘<StrongPasswrd>’

Open in new window

0
 

Author Comment

by:jerra
ID: 33463538
So I won't have to supply the password when I want to decrypt? I just have to be logged in on the SQL Server?
0
 
LVL 2

Expert Comment

by:dhlotter
ID: 33463725
Correct, SQL will decrypt with the master keys available.
0
 

Author Closing Comment

by:jerra
ID: 33463733
Thanks!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
Viewers will learn how the fundamental information of how to create a table.
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question