Solved

How to handle/store SQL Server master key password? Thick client (C#, .NET 4) and SQL Server 2008 Express

Posted on 2010-08-18
4
724 Views
Last Modified: 2012-05-10
I have the need to encrypt/decrypt passwords for databases in my application. I will use the built-in encryption/decryption functions in SQL Server to store them in my SQL Server database.
BUT what is a good approach for handling the master key password?
Hide it in the client code!? Users of the client should not know this password.
0
Comment
Question by:jerra
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
dhlotter earned 500 total points
ID: 33463508
Database Master Key
A database master key must be generated explicitly using the below command:

Each database has a different master key, ensuring that a user with access to decrypt
data in one database cannot also decrypt data in another database without being granted
permission to do so.
The database master key is used to protect any certifi cates, symmetric keys, or asymmetric
keys that are stored within a database. The database master key is encrypted using Triple DES
and the user-supplied password. A copy of the database master key is also encrypted using the
service master key such that automatic decryption can be accomplished within the instance.
When you make a request to decrypt data, the service master key is used to decrypt the
database master key, that is used to decrypt a certifi cate, symmetric key, or asymmetric key,
and in turn is used to decrypt the data.


CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘<StrongPasswrd>’

Open in new window

0
 

Author Comment

by:jerra
ID: 33463538
So I won't have to supply the password when I want to decrypt? I just have to be logged in on the SQL Server?
0
 
LVL 2

Expert Comment

by:dhlotter
ID: 33463725
Correct, SQL will decrypt with the master keys available.
0
 

Author Closing Comment

by:jerra
ID: 33463733
Thanks!
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
I have a large data set and a SSIS package. How can I load this file in multi threading?
Viewers will learn how the fundamental information of how to create a table.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now