Storing an encrypted string in a database

StackOverflow https://stackoverflow.com/questions/18422490

Question

I need to store the passwords of X.509 certificates in a database. But there's a problem: I can't hash the passwords, so I need to store them in encrypted form.

How can I do this without explicit encryption and decryption?

Also, is it possible to store a SecureString with ADO.NET?

Was it helpful?

Solution

No, SecureString no. It's just a pointer to the actual protected memory address, tied up to the Windows DPAPI. Whatever you do will always require some kind of coding.

If your are using MS SQL, you can have the encryption tasks right there: Encrypting by passphrase, symmetric keys or asymmetric keys.

Take a look at: http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/

or you might want to take a look at this great book: http://www.apress.com/9781430224648

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top