| Author |
Topic |
|
avmreddy17
Posting Yak Master
180 Posts |
 Posted - 2007-09-30 : 09:30:40
|
| Hi I have SQL Server 2000 and in one of the databases we store the Application passwords as a Clear text. we would like to encrypt these passwords so that we will pass the auditing.Can some one please suggest a good way to encrypt these passwords.Thanks |
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
|
|
nr
SQLTeam MVY
12543 Posts |
Posted - 2007-09-30 : 13:13:36
|
| How encrypted do you want them to be?Sounds like you aren't worried about security just auditing so maybe you can just xor them with a fixed value to make them unreadable.==========================================Cursors are useful if you don't know sql.DTS can be used in a similar way.Beer is not cold and it isn't fizzy. |
 |
|
|
avmreddy17
Posting Yak Master
180 Posts |
Posted - 2007-10-01 : 14:36:48
|
| We need 128 Bit Encryption.Also, Can we encrypt/Decrypt using MD5 Hash Algorithm.ThanksVenu |
|
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2007-10-02 : 04:39:48
|
| first you need to understand the difference between hashing and encryption.hashing is a one way operation. you can't get the original value back from the hashencryption needs a key with which you encrypt your data and then using that same key you can decrypt it back again.that's the difference._______________________________________________Causing trouble since 1980blog: http://weblogs.sqlteam.com/mladenpSSMS Add-in that does a few things: www.ssmstoolspack.com |
|
|
|
SwePeso
Patron Saint of Lost Yaks
30421 Posts |
Posted - 2007-10-02 : 04:43:37
|
http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=76258
E 12°55'05.25"N 56°04'39.16" |
|
|
|
avmreddy17
Posting Yak Master
180 Posts |
Posted - 2007-10-02 : 10:12:21
|
| Thanks Peso and Sprint1 for all your replies. I am still learning how the encryption works. I am sorry if I am asking some basic Questions.Sprit1,What is the hash Value used in MD5 algorithm ( is it 128 Bit or 40 bit ).ThanksVenu |
|
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2007-10-02 : 10:23:57
|
| It is better to hash the passwords on the front-end and just store the hash in the database.That way, the cleartext password is never passed between the application server and the database server and the password is not in the database. Since only the hash of the password is in the database, it cannot be decrypted directly, even with access to the password table and the hash key.CODO ERGO SUM |
|
|
|
avmreddy17
Posting Yak Master
180 Posts |
Posted - 2007-10-02 : 11:16:15
|
| Thanks guyswe need to use Hash for the Passwords. And there are some more fields in the database like SSN number etc where we want to encrypt it.I think I can use Peso's functions to do this.Thank you all |
|
|
|
Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)
7020 Posts |
Posted - 2007-10-02 : 11:30:34
|
| If you need encrypted data, you need to consider if you need the ability to do index lookups on encrypted data.Many encryption algorithms, like AES, do not produce the same ciphertext each time, so an index on an encrypted column does no good. You may need to also create a hashed version of the column to be able to do index lookups. Otherwise, you will be stuck doing very expensive table scans where you have to decrypt every row to find a match.If you have the ability to use 2005, instead of SQL 2000, encryption is built-in and will be much easier to do.CODO ERGO SUM |
|
|
|
avmreddy17
Posting Yak Master
180 Posts |
Posted - 2007-10-03 : 10:10:35
|
| Michael,We are still on SQL Server 2000 and we are planning to migrate to SQL Server 2005 in a few months, but right now we need to to it on SQL Server 2000.Thanks |
|
|
|
avmreddy17
Posting Yak Master
180 Posts |
Posted - 2007-10-04 : 15:15:57
|
| Peso,Is the same Function used for Decrypting the Password too..Thanks |
|
|
|
|
Passwords