>>(a) To handle the encryption in a tier that will make it back-end agnostic.
Not sure what you mean by this. Please explain.



>>I'm putting together some table to manage users, roles, and rights.
>>
>>Anyone see any problems with encrypting all the data in all three tables?
>
>I'm working on a similar thing at the moment. Your needs are probably different but I decided:
>(a) To handle the encryption in a tier that will make it back-end agnostic.
>(b) To only secure the password - and then by hash value rather than encryption.
>
>FWIW, here's the class I use for hashing/comparing.

    static public class HashFunctions
>    {
>        public static Byte[] GetHashValue(string s)
>        {
>            byte[] source = ASCIIEncoding.ASCII.GetBytes(s);
>            return  new MD5CryptoServiceProvider().ComputeHash(source);
>        }
>
>        public static bool CompareHash(byte[] first, byte[] second)
>        {
>            bool equal = false;
>            if (first.Length == second.Length)
>            {
>                int i=0;
>                while (i < first.Length && (first[i] == second[i]))
>                    i++;
>                equal = i == first.Length;
>            }
>            return equal;
>        }
>
>        public static bool CompareHash(byte[] b,string s)
>        {
>            return CompareHash(b, GetHashValue(s));
>        }
>    }

The password is stored as a byte array (varbinary() in MSSQL)