Solved

How to handle/store SQL Server master key password? Thick client (C#, .NET 4) and SQL Server 2008 Express

Posted on 2010-08-18
4
727 Views
Last Modified: 2012-05-10
I have the need to encrypt/decrypt passwords for databases in my application. I will use the built-in encryption/decryption functions in SQL Server to store them in my SQL Server database.
BUT what is a good approach for handling the master key password?
Hide it in the client code!? Users of the client should not know this password.
0
Comment
Question by:jerra
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
dhlotter earned 500 total points
ID: 33463508
Database Master Key
A database master key must be generated explicitly using the below command:

Each database has a different master key, ensuring that a user with access to decrypt
data in one database cannot also decrypt data in another database without being granted
permission to do so.
The database master key is used to protect any certifi cates, symmetric keys, or asymmetric
keys that are stored within a database. The database master key is encrypted using Triple DES
and the user-supplied password. A copy of the database master key is also encrypted using the
service master key such that automatic decryption can be accomplished within the instance.
When you make a request to decrypt data, the service master key is used to decrypt the
database master key, that is used to decrypt a certifi cate, symmetric key, or asymmetric key,
and in turn is used to decrypt the data.

CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘<StrongPasswrd>’

Open in new window

0
 

Author Comment

by:jerra
ID: 33463538
So I won't have to supply the password when I want to decrypt? I just have to be logged in on the SQL Server?
0
 
LVL 2

Expert Comment

by:dhlotter
ID: 33463725
Correct, SQL will decrypt with the master keys available.
0
 

Author Closing Comment

by:jerra
ID: 33463733
Thanks!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
I have a large data set and a SSIS package. How can I load this file in multi threading?
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question