@sapator wrote:
So from what I can make out:
You can have your database with encrypted values but anyone that is accessing the database, based on an SQL Server that has the correct master key can pretty much decrypt everything.
If you move the database somewhere else then you must create an exact duplicate of the master key else the database cannot be decrypted.
Is this the case?
If that is so, then why is this better than passphrase? With passphrase you cannot decrypt the database unless you know the password, and provide it.
So even if the database is on you main server and everyone can view it, it cannot be decrypted without the passphrase.Any thoughts?