Results 1 to 13 of 13
  1. #1
    Join Date
    Oct 2010
    Posts
    13

    Unanswered: Password Protecting Sql Server MDF Files

    hi,

    I've been working on sql server.

    Like to password protect sql server database. Can somebody let me have the solution for it.

    Using Sql server password protection will not work as I can easily stop the sqlserver service and copy the mdf,ldf and store at diff sql server to know the structure of tables, queries and SPs.

    I just like to protect the file so no one can view it whether he get the mdf.

    I hope this time I will get the reply.

    Thanks in advance.

    Jay Khatri

  2. #2
    Join Date
    Feb 2004
    Location
    In front of the computer
    Posts
    15,579
    Provided Answers: 54
    As long as you're willing to stop the SQL Server to do it, you can use PGP, WinZip, Win-RAR, etc. to encrypt the MDF file. Be sure to encrypt the log file too, they form a working pair and it would not make sense to encrypt one without encrypting the other too.

    -PatP
    In theory, theory and practice are identical. In practice, theory and practice are unrelated.

  3. #3
    Join Date
    Aug 2006
    Location
    San Francisco, CA
    Posts
    136
    I am a bit unsure if you are asking for a way of encrypting the database files after they have been detached or while the db is in use. If you want the ensure "encryption for data at rest" you can look at SQL Server 2008 Transparent Data Encryption (TDE).

    I hope this helps

  4. #4
    Join Date
    Oct 2010
    Posts
    13
    Ohh there is a confusion, I was just like to say that I only know to protect the sql server not the files. someone can easily stop the service and copy my database (from my client's end where my software is running). So i need file encryption from sql server management studio.

    Is it possible ?

    Thanks in advance.

    Jay Khatri

  5. #5
    Join Date
    Aug 2006
    Location
    San Francisco, CA
    Posts
    136
    Yes, you can use TDE for this.

  6. #6
    Join Date
    Oct 2010
    Posts
    13
    Ok Reghardt, can I find this in sql server 2005. yes exactly I want when someone copy my database and when he attach on his system. It must ask a password.

    This is what I want from sql server itself.

    Thanks in advance

    Jay Khatri

  7. #7
    Join Date
    Aug 2006
    Location
    San Francisco, CA
    Posts
    136
    TDE is a little more complex than just a basic password, it includes certificates, keys, passwords, etc. It is unfotunately limited to SQL Server 2008 +

    Here is the link:
    Understanding Transparent Data Encryption (TDE)

  8. #8
    Join Date
    Jan 2003
    Location
    Massachusetts
    Posts
    5,800
    Provided Answers: 11
    TDE was introduced in SQL 2008.

    This comes down more to a problem of ownership. If this is a client's system, they typically own everything on it. If this is a hosted solution, then you would own it, and the contract you signed with the hosting company should spell out what you can expect as far as security of your datafiles.

  9. #9
    Join Date
    Oct 2010
    Posts
    13
    ya, I am reading this article Hope this will help me. How to simulate transparent data encryption (TDE) with SQL 2000 and 2005

  10. #10
    Join Date
    Oct 2010
    Posts
    13
    And If I compromise at file level encryption. Is it good idea to Switch to mysql server for winforms.

    Right now my database is in MS-Access but since tables have been increased dramatically and I have to store data in Three or four tables parallel. Access cant give concurrency and atomicity. So switch is must.

    I have sql server 2005 and not sql server 2008, I can install sql server 2008 express edn at client but I am not sure that the database of 2008 will open in 2005 or not.

    Can you suggest the right move.

    Thanks you very much for such anticipation.

    Best Regards

    Jay Khatri

  11. #11
    Join Date
    Feb 2004
    Location
    In front of the computer
    Posts
    15,579
    Provided Answers: 54
    Microsoft has always supported upgrading databases (such as moving from SQL 2005 forward to SQL 2008), but has never really supported downgrades (moving from SQL 2008 back to SQL 2005).

    You would have to have some edition of SQL 2008 to access backup files or even the raw MDF / NDF / LDF files that were produced by SQL 2008. I'm pretty sure that you could not access any of those files using SQL 2005.

    -PatP
    In theory, theory and practice are identical. In practice, theory and practice are unrelated.

  12. #12
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,424
    Provided Answers: 8
    And idea here why not just hide the folder where the database is what people can't see they can't take lol

    What I did was copied database to a new location hide that folder them put and old old version in the old place.

  13. #13
    Join Date
    Oct 2010
    Posts
    13
    Good to know but this is something call arrangement not the solution. I am so much concerned as I know people fighting here for back biting and I made something new a some modules. Anyways I think I must go for sql server 2008 or forget about the mdf encryption from sql server management studio.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •