If I don’t want to store user emails in plain text in the database,

Question

0

Asked: May 27, 20262026-05-27T07:18:58+00:00 2026-05-27T07:18:58+00:00

If I don’t want to store user emails in plain text in the database,

0

If I don’t want to store user emails in plain text in the database, but need them for running look-ups, is there a way to both encrypt (two-way so the content can be retrieved) and easily look up the value?

EDIT Would storing two columns, one encrypted for display and one hashed for lookup work?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T07:18:58+00:00

MySQL has aes_encrypt() and aes_decrypt() for this sort of thing, but then you’re still passing the encryption key in-the-clear, which means you might as well just be passing around the email addresses in-the-clear.

The basic method would be something like:

SELECT ...
FROM yourtable
WHERE encrypted_email = AES_ENCRYPT('someone@example.com', 'crypt key here');

but again, you’d not be gaining any security since you’re sending the key each time.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

If I don’t want to store user emails in plain text in the database,

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply