Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to handle/store SQL Server master key password? Thick client (C#, .NET 4) and SQL Server 2008 Express

Posted on 2010-08-18
4
Medium Priority
?
746 Views
Last Modified: 2012-05-10
I have the need to encrypt/decrypt passwords for databases in my application. I will use the built-in encryption/decryption functions in SQL Server to store them in my SQL Server database.
BUT what is a good approach for handling the master key password?
Hide it in the client code!? Users of the client should not know this password.
0
Comment
Question by:jerra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Accepted Solution

by:
dhlotter earned 2000 total points
ID: 33463508
Database Master Key
A database master key must be generated explicitly using the below command:

Each database has a different master key, ensuring that a user with access to decrypt
data in one database cannot also decrypt data in another database without being granted
permission to do so.
The database master key is used to protect any certifi cates, symmetric keys, or asymmetric
keys that are stored within a database. The database master key is encrypted using Triple DES
and the user-supplied password. A copy of the database master key is also encrypted using the
service master key such that automatic decryption can be accomplished within the instance.
When you make a request to decrypt data, the service master key is used to decrypt the
database master key, that is used to decrypt a certifi cate, symmetric key, or asymmetric key,
and in turn is used to decrypt the data.

CREATE MASTER KEY ENCRYPTION BY PASSWORD = ‘<StrongPasswrd>’

Open in new window

0
 

Author Comment

by:jerra
ID: 33463538
So I won't have to supply the password when I want to decrypt? I just have to be logged in on the SQL Server?
0
 
LVL 2

Expert Comment

by:dhlotter
ID: 33463725
Correct, SQL will decrypt with the master keys available.
0
 

Author Closing Comment

by:jerra
ID: 33463733
Thanks!
0

Featured Post

Enroll in October's Free Course of the Month

Do you work with and analyze data? Enroll in October's Course of the Month for 7+ hours of SQL training, allowing you to quickly and efficiently store or retrieve data. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
What if you have to shut down the entire Citrix infrastructure for hardware maintenance, software upgrades or "the unknown"? I developed this plan for "the unknown" and hope that it helps you as well. This article explains how to properly shut down …
Via a live example combined with referencing Books Online, show some of the information that can be extracted from the Catalog Views in SQL Server.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question