When storing information for an application some things obviously warrant encryption; for example passwords. However, other elements may benefit from encryption that might not seem so obvious.
For instance, do you encrypt users email addresses, real names, mailing addresses, or other tidbits?
So, this post is more of a question than an observation - what and why do you encrypt and why don’t you encrypt other tidbits of personal identifying information?
Peter J. Farrell
You might consider picking up a book called Translucent Databases by Peter Wayner. I’ve done some work with him and he’s a pretty smart guy.