encrypt(string) Question!! - Microsoft SQL Server

Russ Reynolds

SQL Server 2000:

################################################## ######
I run the following as a normal query from Analyzer:
################################################## ######

SELECT encrypt(user_password) FROM emp WHERE user_id = 1

################################################## #######
I run the following query from inside a stored proc:
################################################## #######

SELECT encrypt(user_password) FROM emp WHERE user_id = 1

################################################## #######
Question????
################################################## #######

If the data inside the emp table does not change, how can these two
queries return different values?

Any help would be much appreciated!

thanks,
Russ

Jul 20 '05 #1

Subscribe Reply

3241

James Goodwin

> SELECT encrypt(user_password) FROM emp WHERE user_id = 1

SELECT encrypt(user_password) FROM emp WHERE user_id = 1
If the data inside the emp table does not change, how can these two
queries return different values?

They return different values because the encrypt function 'salts' the data
to prevent someone from just encrypting a bunch of stuff to figure out the
other data in the table.

The Unix crypt function used to do this by putting two random characters on
the front of the data string and also on the front of the encryption string
using the 'salt' as part of the key.

Regards,
Jim

Jul 20 '05 #2

David Portas

In addition to James's reply, note that the Encrypt function is undocumented
so its behaviour can change between versions of the product. Don't rely on
it in production code. Generate a password hash client-side would be my
suggestion.

--
David Portas
SQL Server MVP
--

Jul 20 '05 #3

Greg D. Moore \(Strider\)

"David Portas" <RE****************************@acm.org> wrote in message
news:0e********************@giganews.com...

In addition to James's reply, note that the Encrypt function is undocumented so its behaviour can change between versions of the product. Don't rely on
it in production code. Generate a password hash client-side would be my
suggestion.

And in the at least one case I looked at, trivial to decrypt.

--
David Portas
SQL Server MVP
--

Jul 20 '05 #4

Similar topics

3083

Previous/Next Question

by: Mohammed Mazid | last post by:

Can anyone please help me on how to move to the next and previous question? Here is a snippet of my code: Private Sub cmdNext_Click() End Sub Private Sub cmdPrevious_Click() showrecord

Visual Basic 4 / 5 / 6

4997

Simple Java/XML question

by: Stevey | last post by:

I have the following XML file... <?xml version="1.0"?> <animals> <animal> <name>Tiger</name> <questions> <question index="0">true</question> <question index="1">true</question> </questions>

.NET Framework

2629

ASP.NET 2.0 question on Partial Types with J.I.T.

by: nospam | last post by:

Ok, 3rd or is it the 4th time I have asked this question on Partial Types, so, since it seems to me that Partial Types is still in the design or development stages at Microsoft, I am going to ask...

.NET Framework

3059

Filling question ID automatically by using query or VBA

by: Ekqvist Marko | last post by:

Hi, I have one Access database table including questions and answers. Now I need to give answer id automatically to questionID column. But I don't know how it is best (fastest) to do? table...

Microsoft Access / VBA

3390

asp question about post vars

by: glenn | last post by:

I am use to programming in php and the way session and post vars are past from fields on one page through to the post page automatically where I can get to their values easily to write to a...

ASP.NET

2109

Question about ExecuteScalar() function in ASP.NET

by: bienwell | last post by:

Hi all, I have a problem with using myCommand.ExecuteScalar(). My question is : If the Web setup is incorrect, does it make command ExecuteScalar() work improperly ?? In my program, I was...

ASP.NET

3682

Question about "Configuration Error" Message

by: Rider | last post by:

Hi, simple(?) question about asp.net configuration.. I've installed ASP.NET 2.0 QuickStart Sample successfully. But, When I'm first start application the follow message shown. ========= Server...

ASP.NET

4021

Question about the clc string lib

by: Jeff | last post by:

In the function below, can size ever be 0 (zero)? char *clc_strdup(const char * CLC_RESTRICT s) { size_t size; char *p; clc_assert_not_null(clc_strdup, s); size = strlen(s) + 1;

C / C++

4696

Question about the *= (and similar) operator

by: spibou | last post by:

In the statement "a *= expression" is expression assumed to be parenthesized ? For example if I write "a *= b+c" is this the same as "a = a * (b+c)" or "a = a * b+c" ?

C / C++

4888

Cannot add or update a child row: a foreign key constraint fails (`kims`.`question`,

by: semanticnotion | last post by:

Hi sir i want to transform the data of one table into another through foreign key but the following error come to my browser Here is my code and data base structure. CREATE TABLE IF NOT...

PHP

7254

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

7153

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Windows Server

7373

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

7094

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

Windows Server

7519

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

General

4743

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...

C# / C Sharp

3230

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...

Networking - Hardware / Configuration

3218

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

1585

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...

C# / C Sharp