Encrypting passwords on SQL server 2000

Tags:
Encryption
Password
Password field
SQL Server 2000
I m using SQL server 2000 and I want to use a password field for Employee Master. My question is how to encrypt this password field in my insert query. I have heard about the “EncryptByPassPhrase” function and symmetric key, but it is provided from SQL Server 2005. I have tried using pwdencrypt which is working, but how can I decrypt this encrypted password?

Answer Wiki

Thanks. We'll let you know when a new response is added.

If you are using the native password encryption function of SQL 2000 you can’t decrypt the value. It is a one way encryption. Your best bet would be to encrypt the value in the application and simply store the encrypted value in the database table.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • AndrewGauger
    This one way encrypting process can be exactly what you need though. In order to use this encrypted value in the table, have your program encrypt the password that the user types in using the same function that originally encrypted the file so it would look like this (logically) Encrypt("password") -> 2gub3dk9292jfjsdl //this would be stored in the table And when a user provides credentials, encrypt the password and compare the values. Encrypt("notthepass") ->58jalgjad9g8ere34j if (2gub3dk9292jfjsdl == 58jalgjad9g8ere34j) // FALSE if (2gub3dk9292jfjsdl == 2gub3dk9292jfjsdl ) //TRUE So all you need to do is (assuming you use a temporary database for sessions) is to encrypt the password the user typed in as pwdencrypt and compare the values.
    105 pointsBadges:
    report
  • ClickSSL
    Hai guys, Thus far i am using the following statements for encrypting a password variable in sql server 2005 OPEN SYMMETRIC KEY SecureSymmetricKey1 DECRYPTION BY PASSWORD = N'StrongPassword'; DECLARE @encrypted_str VARBINARY(MAX) select @encrypted_str=EncryptByKey(Key_GUID('SecureSymmetricKey1'),@Password) Is this a good practice or any other approach for doing this...
    20 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following