When storing information for an application some things obviously warrant encryption; for example passwords. However, other elements may benefit from encryption that might not seem so obvious.
For instance, do you encrypt users email addresses, real names, mailing addresses, or other tidbits?
So, this post is more of a question than an observation - what and why do you encrypt and why don’t you encrypt other tidbits of personal identifying information?
Comments
Peter J. Farrell
Hi Bill,
You might consider picking up a book called Translucent Databases by Peter Wayner. I’ve done some work with him and he’s a pretty smart guy.
http://www.wayner.org/books/td/