Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
jcarver
Starting Member
18 Posts |
 Posted - 2007-10-17 : 15:24:26
|
| I have recently come into a company and need to encrypt some of the older SQL 2000 datases to so that passwords are not plain text. We have blowfish and would like to use that on the password field. I do not know how to use blowfish on a SQL 2000 database, does anyone have any idea how to do this? Should I use a stored procedure Thanks in advance,/jcarver |
|
|
Kristen
Test
22859 Posts |
Posted - 2007-10-17 : 15:44:02
|
| Just to make sure I have understood:You just want to encrypt a password column in some sort of "User Logon ID and Password" table?Kristen |
 |
|
|
jcarver
Starting Member
18 Posts |
Posted - 2007-10-17 : 16:00:46
|
| That is correct. We have a users table and we now need to put an encryption on the password column there. |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2007-10-17 : 16:26:04
|
| Not really my strong-suit, but basically you need to get your Application to encrypt the Password data and send it, encrypted, to SQL Server. SQL Server can then compare the encrypted password against the data it has stored. At no time will SQL Server be aware of the plain-text of the password. |
|
|
|
jcarver
Starting Member
18 Posts |
Posted - 2007-10-17 : 16:30:12
|
| Right, that is the end result, I understand how it all works, I have used encryption methods like this on MySQL, but I don't know how to implement it on MSSQL. I need to know how to implement some form of in encryption on the column (In this case preferably blowfish) |
|
|
|
blindman
Master Smack Fu Yak Hacker
2365 Posts |
|
|
Kristen
Test
22859 Posts |
Posted - 2007-10-17 : 16:36:31
|
Still not my strong-suit But I don't think its anything to do with SQL Server. Your application will send some binary stuff (which is the Password which has already been passed through an encryption function) and SQL Server will compare that against the stored password (which was encrypted in a similar way). If it matches the user login is Allowed, otherwise dis-allowed.Sorry it that's not helpful, but it's all I can suggest.Kristen |
|
|
|
|
|
|
|
|
Encryption Stored proc?