>>>>>Hi,
>>>>>
>>>>>I am wondering if it is a good idea to encrypt user name and email address of users in User and Password Table? Of course, I encrypt password field entry. But I am not sure of what is a good practice with regards to User Name and Email Address columns. TIA for any input.
>>>>
>>>>Would that be useful ? You can always use a view that hides those if necessary
>>>
>>>Sorry but I don't understand your comment. When you are saying a view, you mean SQL Server view?
>>
>>Yes.
>
>I see. But I am not sure if a SQL Server view will be necessary here. If I encrypt these columns (User Name and Email) nobody will see the entries in them but the user of my application (because it will decrypt them). If I leave the values in the columns non-encrypted, then a DBA can open the table and see the values.
>
>I was just wondering what other developers do in such cases as my thinking was that I don't want a DBA to complain that I do something that is not a standard practice (leaving User Name and Email in the table as is or encrypted).
Dunno - but if it's only the dba that can see the email address - I would not worry. (1) it's the dba and (2) it's only an email address
Gregory