Encryption of Certain Fields in QueryHistory

[dasu88]

Thank you for providing such an excellent extension tool. I would like to ask if the Query History tool can be modified to store the Query Text in an encrypted manner in the database, and then decrypt it when retrieving it on the interface?

This requirement is due to security considerations, as we do not want other users to see the SQL content in plain text by accessing that table. If possible, please also encrypt the DataSource and DatabaseName fields.

We hope this suggestion can be adopted. Thank you very much.

Addition: Alternatively, completely detach QueryHistory from that table and store it in a separate, secure encrypted file. This is another viable approach.

[alex-bochkov]

I can certainly add Always Encrypted support there, but you will lose the ability to search within the query text.

[dasu88]

I can certainly add Always Encrypted support there, but you will lose the ability to search within the query text.

I actually hadn't considered that. Would it be feasible to write it to a more hidden location, such as SQLite, instead of the MS SQL server itself? Alternatively, could this feature be made an option so I can decide?

[alex-bochkov]

I would not describe SQLite as hidden. It can be stored on the same machine where SSMS is running, which only helps if the machine is not shared with other users.

Another option would be to install SQL Server Express on the machine where SSMS is running ("your computer") and point the query history there.

I'll think about it. You're the second person who has asked for this recently.

[dasu88]

I would not describe SQLite as hidden. It can be stored on the same machine where SSMS is running, which only helps if the machine is not shared with other users.

Another option would be to install SQL Server Express on the machine where SSMS is running ("your computer") and point the query history there.

I'll think about it. You're the second person who has asked for this recently.

Yes, my requirement is that the history records can just be stored locally. As for installing SQL Express separately, I've considered it, but given my laptop's performance issues, I'm not sure if adding another SQL service would degrade my development environment's performance, so I haven't done anything about it for now.

In any case, thank you for your tool—it's been a huge help to me.