>>>>Hi,
>>>>
>>>>I am wondering if it is a good idea to encrypt user name and email address of users in User and Password Table? Of course, I encrypt password field entry. But I am not sure of what is a good practice with regards to User Name and Email Address columns. TIA for any input.
>>>
>>>Would that be useful ? You can always use a view that hides those if necessary
>>
>>Sorry but I don't understand your comment. When you are saying a view, you mean SQL Server view?
>
>Yes.
I see. But I am not sure if a SQL Server view will be necessary here. If I encrypt these columns (User Name and Email) nobody will see the entries in them but the user of my application (because it will decrypt them). If I leave the values in the columns non-encrypted, then a DBA can open the table and see the values.
I was just wondering what other developers do in such cases as my thinking was that I don't want a DBA to complain that I do something that is not a standard practice (leaving User Name and Email in the table as is or encrypted).
"The creative process is nothing but a series of crises." Isaac Bashevis Singer
"My experience is that as soon as people are old enough to know better, they don't know anything at all." Oscar Wilde
"If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money that it values more, it will lose that too." W.Somerset Maugham
