>>>>>Hi,
>>>>>
>>>>>I am wondering if it is a good idea to encrypt user name and email address of users in User and Password Table? Of course, I encrypt password field entry. But I am not sure of what is a good practice with regards to User Name and Email Address columns. TIA for any input.
>>>>
>>>>Probably yes as well - if you don't want spammers to e-mail your users.
>>>
>>>This is a table in SQL Server so no "spammers" will have access to the table. The only people that will see this table (outside of the application) are DBA. And the DBA probably already knows all users user names and emails.
>>
>>You never know who and how can access the data. In other words, the fact you stored your data in the SQL Server doesn't automatically prevent someone from stealing the data. So, if there is a risk of disclosing the data (and the risk always exists) you may want to minimize it by encrypting emails also.
>
>Thank you.
Check
http://forum.lessthandot.com/viewtopic.php?p=60226#p60226So far the consensus is to not encrypt emails.
If it's not broken, fix it until it is.
My Blog