Enterprise Edition Home |
Express Edition Home |
Previous Page | Next Page SQL Statements > SET ENCRYPTION PASSWORD >
Passwords and hints that you declare with SET ENCRYPTION PASSWORD
are not stored as plain text in any table of the system catalog, which also
maintains no record of which columns or tables contain encrypted data. To
prevent other users from accessing the plain text of encrypted data or of
a password, however, you must avoid actions that might compromise the secrecy
of a password:
- Do not create a functional
index using a decryption function. (This would store plain-text data in the
database, defeating the purpose of encryption.)
- On a network that is not secure, always work with encrypted data, or use
session encryption, because the SQL communication between client and server
sends passwords, hints, and the data to be encrypted as plain text.
- Do not store passwords in a trigger or in a UDR that exposes
the password to the public.
- Do not set the session password prior to creating any view,
trigger, procedure, or UDR. Set the session password only when you use the
object. Otherwise, the password might be visible in the schema to other users,
and queries executed by other users might return unencrypted data.
Output from the SET EXPLAIN statement always displays the password and hint parameters as XXXXX,
rather than displaying actual password or hint values.
Related Information
For more information about built-in functions for encrypting and decrypting
data, see Encryption and Decryption Functions.
For information on setting the environment variable INFORMIXCONCSMCFG, refer to the IBM Informix Guide
to SQL: Reference.
Enterprise Edition Home |
Express Edition Home |
[ Top of Page | Previous Page | Next Page | Contents |
Index ]