locked
Various ways of saving passwords safely RRS feed

  • Question

  • Hi,

    Can any one tell me the different ways to save SQL Database server passwords safely?

    Monday, October 20, 2014 6:01 AM

Answers

  • Are you referring to password repository

    http://keepass.info/

    vt

     

    Please mark answered if I've answered your question and vote for it as helpful to help other user's find a solution quicker


    Monday, October 20, 2014 6:51 AM
  • Hi,

    The link Visakh post is talking about Hashing (Hash mean function that return the same value for the same input), but it not encryption but encoding (the original data is hiding in the store data). In the Hash function you can use encryption of some type. As mentioned in the article they used in the hash function, the System.Security.Cryptography Namespace which include several Encryption class. But SQL Server include moxt of those encryption build in. You have several Encryption level in SQL database that you can use. check this URL 

    http://sqlmag.com/database-security/sql-server-encryption-options

    In most cases I will recommend on using column encryption instead or with hashing. while the hashing idea is great it is still use plain sting in most cases and using column encryption you will keep the data as binary (ofcourse as I mentioned you can do both and you can use hashing with binary as well). For more information about column encription check this URL http://technet.microsoft.com/en-us/library/ms179331.aspx

    Using column encryption you can use external key file but this is not commonly use in SQL sine the idea of database is to save the data :-)


    signature   Ronen Ariely
     [Personal Site]    [Blog]    [Facebook]


    Monday, October 20, 2014 7:33 AM

All replies

  • 1. Encrypt the password and store it

    2. Applying Hashing

    http://www.codeproject.com/Articles/425150/Beginners-guide-to-a-secure-way-of-storing-passwor


    Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

    Monday, October 20, 2014 6:18 AM
  • Hi Vikash,

    I have seen these options to save them internally in databases. But I am looking to save them outside database server. Can you tell me any good way to do that?

    Monday, October 20, 2014 6:46 AM
  • Are you referring to password repository

    http://keepass.info/

    vt

     

    Please mark answered if I've answered your question and vote for it as helpful to help other user's find a solution quicker


    Monday, October 20, 2014 6:51 AM
  • Hi,

    The link Visakh post is talking about Hashing (Hash mean function that return the same value for the same input), but it not encryption but encoding (the original data is hiding in the store data). In the Hash function you can use encryption of some type. As mentioned in the article they used in the hash function, the System.Security.Cryptography Namespace which include several Encryption class. But SQL Server include moxt of those encryption build in. You have several Encryption level in SQL database that you can use. check this URL 

    http://sqlmag.com/database-security/sql-server-encryption-options

    In most cases I will recommend on using column encryption instead or with hashing. while the hashing idea is great it is still use plain sting in most cases and using column encryption you will keep the data as binary (ofcourse as I mentioned you can do both and you can use hashing with binary as well). For more information about column encription check this URL http://technet.microsoft.com/en-us/library/ms179331.aspx

    Using column encryption you can use external key file but this is not commonly use in SQL sine the idea of database is to save the data :-)


    signature   Ronen Ariely
     [Personal Site]    [Blog]    [Facebook]


    Monday, October 20, 2014 7:33 AM