Encryption is a method for keeping sensitive information confidential by changing data into an unreadable form. Encryption ensures that data remains secure by keeping the information hidden from everyone, even if the encrypted data is viewed directly. Decryption is the process of changing encrypted data back into its original form so it can be viewed by authorized users.
Microsoft® SQL Server™ encrypts or can encrypt:
Login and application role passwords stored in the SQL Server system tables are always encrypted. This prevents any user, including system administrators, from viewing any password, including their own. Additionally, application role passwords can be encrypted, before they are sent over the network, when the application role is activated.
Note: Using the sp_addlogin system stored procedure, SQL Server logins can be added without encrypting the password, if required. However, this is not recommended unless the passwords are already encrypted.
SQL Server allows data sent between the client and the server to be encrypted. This ensures that any application or user intercepting the data packets on the network cannot view confidential or sensitive data, for example, passwords sent across the network as a user logs into SQL Server, or personnel data containing salary information.
Encryption is implemented and configured by using the SQL Server Multiprotocol Net-Library.
To configure a client to use the Multiprotocol Net-Library
When the definition of a stored procedure, trigger, or view is saved in the syscomments system table, it can optionally be encrypted. Encrypting these definitions can be useful if, for example, a SQL Server system contains proprietary stored procedures, triggers, or views whose definitions should not be viewed by users and third parties.
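The following Transact-SQL is an added example, not part of the original documentation. It creates a procedure with the WITH ENCRYPTION clause and then audits syscomments to show which procedure, trigger, and view definitions are stored encrypted. The table dbo.payroll_demo and the procedure dbo.usp_get_salary_demo are hypothetical names constructed for the illustration.

```sql
-- Constructed demo objects (hypothetical names, not from the documentation).
CREATE TABLE dbo.payroll_demo (
    emp_id INT   NOT NULL PRIMARY KEY,
    salary MONEY NOT NULL
)
GO

-- WITH ENCRYPTION stores the definition in syscomments in encrypted form.
CREATE PROCEDURE dbo.usp_get_salary_demo
    @emp_id INT
WITH ENCRYPTION
AS
    SELECT salary
    FROM dbo.payroll_demo
    WHERE emp_id = @emp_id
GO

-- Audit: one row per stored procedure (P), trigger (TR), and view (V),
-- with a flag showing whether its definition is encrypted.
-- Unencrypted objects sort first so they are easy to review.
SELECT o.name,
       o.xtype,
       MAX(CAST(c.encrypted AS INT)) AS is_encrypted
FROM sysobjects o
JOIN syscomments c ON c.id = o.id
WHERE o.xtype IN ('P', 'TR', 'V')
GROUP BY o.name, o.xtype
ORDER BY is_encrypted, o.name
GO

-- For an encrypted object, sp_helptext reports that the text is encrypted
-- instead of returning the source.
EXEC sp_helptext 'dbo.usp_get_salary_demo'
GO

-- Clean up the demo objects.
DROP PROCEDURE dbo.usp_get_salary_demo
DROP TABLE dbo.payroll_demo
GO
```

Keep the original CREATE statements in source control, because the server no longer returns the readable definition of an encrypted object.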
See also: CREATE PROCEDURE, CREATE VIEW, CREATE TRIGGER, Multiprotocol Clients, sp_addlogin, sp_setapprole