.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

symmetric key protected by a password

Posted By: Syed Shakeer Hussain     Posted Date: May 16, 2010    Points: 2   Category :Sql Server
An alternative could be using a symmetric key protected by a password, as long as your application generates the CREATE SYMMETRIC KEY and OPEN SYMMETRIC KEY statements directly instead of calling them inside a SP (otherwise the password will still be passed as a parameter, and will be in clear in the profiler).

View Complete Post

More Related Resource Links

Open a password protected package in C#

Hi - trying to write an app that opens packages in C# but have hit a stumbling block - how do you open a package that is password protected? The code I am using is: app.LoadPackage(packagepath, null) But I can't see how to pass the password in, so the code throws an exception. Cheers, James James Beresford @ www.bimonkey.com SSIS / MSBI Consultant in Sydney, Australia SSIS ETL Execution Control and Management Framework @ SSIS ETL Framework on Codeplex

SSIS Package Protection Level Errors - decrypt protected XML node "DTS:Password" with error 0x800900

Error 7 Error loading GetData.dtsx: Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B "Key not valid for use in specified state.". You may not be authorized to access this information. This error occurs when there is a cryptographic error. Verify that the correct key is available.   c:\Packages\GetData.dtsx 1 1  Error 8 Validation error. Data Flow Task: OLEDB Source [5310]: The AcquireConnection method call to the connection manager "SourceServer" failed with error code 0xC0202009. GetData.dtsx 0 0 Environment I need to execute - BIDSHave Solution, with files linked with VSS. When I click on package, aforesaid errors show up and package opens in designed.Protection Level : Encrypt Sesitive with User KeyThis means it'd run only on machine and by user where and who created respectively.So I changed it to Encrypt Sesitive with Passoword and provided Passoword. No luckSo I changed it to Do not save sensitive, as anyways in the connection manager, it has Expression saying @Variablename (with appropriate correct syntax), and variable is mapped to config file. I tired with Config file and also by hardcoding the value in the connection manager's connection string after removing the variable name, also tried by hardcoding value in variable value and disabling config file.Nothing works. I read 3 threads discussing this issue by othe

Failed to decrypt protected XML node "DTS:Password" with DontSaveSensitve Checked



I have been researching and researching this.  First, I have all my packages all have the protection level set to DontSaveSensitive.  Second, all my passwords are stored in a config file.  This config file location is stored in an env variable.  The packages are all calling the config files from package configurations.

If I do the development on our dev server I dont' have a problem. As soon as I go to our test box, I get the error or if another person accesses it and tries to run it they get the error.

I have no idea to fix this.  The only solution I have found anywhere is to change the protectionlevel.  Changing it to rely on server gives me more error messages.  I honestly don't remember having this issue before now.

please help!



Failed to decrypt protected XML node "DTS:Password" with error 0x8009000B



I have developed several SSIS packages with the last Beta of VS2005 / SQL Server CTP. After the public release I tried to uninstall the CTP-Versions to install the msdn finals but this time I got lost and was not able to satisfy the requirements of the final setup of VS2005. So I decided to install the whole pc again and after some hours I had a clean machine (XP with latest SQL Server 2005 Standard and VS2005 Professional).


Now I have tried to open my SSIS-Project but getting the following error:


Password protected PDF/Excel reports using SQL Reporting services


I am generating a reports using SQL Reporting services 2005. I need to protect the protect the reports(pdf and excel) with the password while the user is exporting the report to to excel or pdf.

Is there any way to protect the report.

Thanks in advance...


Linked Server to Password Protected Access Database


I want to create linked server in SQL 2005 with Ms Access 2003 Database. I have used following commands to create linked server.

EXEC sp_addlinkedserver
@server = N'TestLinkServer',
@provider = N'Microsoft.Jet.OLEDB.4.0',
@srvproduct = N'Access',
@datasrc = N'D:\Test.mdb',
@provstr = Null

EXEC master.dbo.sp_addlinkedsrvlogin

With above command linked server successfully create and can run SQL query against linked server. But if i set Database password to MS Access 2003 Database, then it gives following error message.

The OLE DB provider "Microsoft.Jet.OLEDB.4.0" for linked server "TestLinkServer" reported an error. Authentication failed.

Any ideas?


How to parse html code from Webpages and password protected Webpages

Hello i am making a programme to retrieve all the links to files (ex : www.mysite/file.zip) and embedded pictures frome a webpage

I tryed 2 ways

Method 1

I started with a webbrowser control and htmldocument class. that work perfectly but the webbrowser load everything like a real web browser whereas i only need to parse the html code.

for exemple when I use my program on this web site http://www.annabella.net/music.html I can heard the background music :-/....(even if my control is Visible=false)
the webbrowser.stop() method doesnt work (doesnt stop the music)
So i have a first question

How can i use the HtmlDocument class (to parse my code) without the annoyance of the  webbrowser control (that load everything when i only need a html document) or at least sidestep the music issue :-/

Method 2
after many days diggin the web i found other way to grab html code from a page and parse it easily
I use the microsoft html library from COM and the .createDo

How to Encrypt and Decrypt a Password using SQLSERVER 2005?(Video)

Encypt and Decrypt a Password using SQLSERVER 2005(Video)

Use Membership but bypass / disable password usage for users


I have an application that does LDAP authentication. The authentication is done on the code behind page of my Login.aspx page. Once the user passes LDAP authentication, a cookie is set and I redirect:

FormsAuthentication.RedirectFromLoginPage(UserName.Text, False)

I would like to setup membership in my application and keep track of some user information. But due to company security requirements, I cannot store user passwords on my application. That must stay on the LDAP server only.

Is there a way to store users but disable password storage on the aspnet_membership table?

help needed: Ldap User authentication using userDN and password



Is it possible to authenticate a user using userDN and password? If so, then tell me the syntax.So far i have tried to authenticate using username and password from my c# code using directoryentry which takes the parameters like domainname,username and password. But i need to authenticate using Userdn and password.

Crystal Report gives System.AccessViolationException: Attempted to read or write protected memory. T


when a crystal report for same id is opened again at same time or refreshed then it gives the

"System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt."

Stack Trace is :-

Stack Trace:

[AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.]
CrystalDecisions.ReportAppServer.Controllers.DatabaseControllerClass.SetConnectionInfos(ConnectionInfos ConnectionInfos) +0
CrystalDecisions.CrystalReports.Engine.Table.ApplyLogOnInfo(TableLogOnInfo logonInfo) +362
CrystalDecisions.CrystalReports.Engine.ReportDocument.SetTableLogon(Tables tables, String user, String password, String server, String database, Boolean ignoreCase) +258
CrystalDecisions.CrystalReports.Engine.ReportDocument.SetDatabaseLogon(String user, String password, String server, String database, Boolean ignoreCase) +204

Security: Safer Authentication with a One-Time Password Solution


One-time passwords offer solutions to dictionary attacks, phishing, interception, and lots of other security breaches. Here's how it all works.

Dan Griffin

MSDN Magazine May 2008

Are You Protected?: Design and Deploy Secure Web Apps with ASP.NET 2.0 and IIS 6.0


Ensuring the security of a Web application is critical and requires careful planning throughout the design, development, deployment, and operation phases. It is not something that can be slapped onto an existing application. In this article, Mike Volodarsky outlines best practices that allow you to take advantage of the security features of ASP.NET 2.0 and IIS 6.0 to build and deploy more secure Web applications.

Mike Volodarsky

MSDN Magazine November 2005

Security Briefs: Password Minder Internals


In my last column I introduced Password Minder, the tool I use to manage all of my passwords. It generates a long, random password for each site I visit, and makes it possible for me to use the most complex passwords possible, without ever having to see the actual password material or type it in manually.

Keith Brown

MSDN Magazine October 2004

Symmetric Key Encryption on the Compact Framework

There are two main types of encryption algorithms available within the .NET Compact Framework - symmetric and asymmetric encryption. This blog entry will discuss how to utilise symmetric key encryption, but first we have to outline the difference between Symmetric and Asymmetric encryption (I will discuss asymmetric key encryption in a future blog entry).

Symmetric and Asymmetric Key Encryption
Symmetric encryption algorithms (also known as ciphers) process plain text with a secret encryption key to create encrypted data (called cipher text). The same secret key is used to decrypt the cipher text back to plain text.

Asymmetric encryption (also known as public-key encryption) is a cryptography technique that uses public and private key pairs to encrypt and decrypt data respectably. The private key is a closely guarded secret, while the public key can be freely distributed over untrusted networks. You do not worry who has your public key (you could print it on a 100foot tall banner if you so desired), but you must keep your private key secret.

Force password expiration after x days


Using C# and sqlmembershipprovider forms authentication, is there a way to force user password to expire and need to be reset after x number of days?

So if a user launches the website login.aspx page, when they type their userid, it will check if the password is expired and direct them to a Resetpassword.aspx page?

Password change control won`t accept new password


Hi guys

I am developing a shopping cart with asp.net and sqlexpress. I am using aspnet authentication components to create a backend page. I designed the site to let in only authorized users in. 

Yesterday, I forget my password to login to backend and asked system recover my password. with recover password of the asp.net I was able to receive the temp password. I took that and logged in, of course asp.net forward me to password change component which I am having problem with. 

Every time I change my password , password change shows that I was successfull but after clicking on the continiue button password change component comes back. I went to properties of password change component and entered the main default page as destination but it is not helping. 

I close the IE clear the cache , even restart the machine. When I login always taking me to the password change page.

So, I need your help with this. Please let me know your inputs.


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend