This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 41%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECD%3C/text%3E%3C/svg%3E)
Hi All,
Is there a way to encrypt stored procedure code with password ?. I am not talking about the keyword "WITH ENCRYPTION" in the stored procedure when creating it but actually applying a password to it so that I can also decrypt it with that password. Don't want to create a master key and certificate for it either. Is there a way ? This is for any SQL Server versions from 2012 to 2019.
Thanks.
What is your use case for needing this? Typically, one keeps stored procedures in source control to avoid reverse engineering existing database objects.
No. Think of it. To be able to run the stored procedure, SQL Server needs to be able read the SQL code. So if there were such a feature, user would only be able to run the procedure if the user has the password.
Hi @Carlos D ,
No. It is not possible. Refer to How to Encrypt a Stored Procedure in SQL Server.
Best regards,
Cathy
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you all. I knew it but just wanted to verify. The reason for this is because we are managing other companies database servers and implementing our own stored procedures. When the company ends the contract, we need to remove these stored procedures and not have them use them anymore.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 1%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETP%3C/text%3E%3C/svg%3E)
For what you describe, I create a "license check" encrypted proc. That proc just returns 0 or 1 if the date is <= a date like 1/1/2021. Then each encrypted proc, calls this proc first before running and reports "License violation" after the date. If you need to extend the procs past that date, you just replace the encrypted proc and a new date.
There is not really a good way to stop someone from using code on their server.
The point is that the SPs will be used as long as we are in contract with the customer but once the contract ends we will delete the SPs and other items we implement as part of DB management.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 23%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJW%3C/text%3E%3C/svg%3E)
Not sure what your concern is - if you remove the stored procedures from the system then they no longer exist and cannot be used. If the problem is identifying your objects - create a schema and place all of your objects in that schema, then you can easily identify your objects.
I guess Carlos's concern is that the customer may copy the procedures, and thus take benefit of them after their engagement has ended. This is obviously something that should be outlawed in the license agreement, but it can be difficult to legally enforce with a customer who is dead set on cheating - not the least if the customer company is a lot bigger than yours.
Thanks Erland. That is exactly what it is.