Using password hints with column-level encryption

Db2 can store encryption password hints to help with forgotten encryption passwords. Each password hint uses 32 bytes in the encrypted column.

Procedure

To use password hints with column-level encryption, choose one of the following options:

  • Issue the SET ENCRYPTION PASSWORD statement to set the password hint.
    Use the following statement to set the password hint to the host variable hv_hint:Begin general-use programming interface information.
    SET ENCRYPTION PASSWORD = :hv_pass WITH HINT = :hv_hint;
    End general-use programming interface information.
  • Use the GETHINT function to return the password hint.
    Suppose that the EMPNO column in the EMP table contains encrypted data and that you submitted a password hint when you inserted the data. Suppose that you cannot remember the encryption password for the data. Use the following statement to return the password hint: Begin general-use programming interface information.
    SELECT GETHINT (EMPNO) FROM EMP;
    End general-use programming interface information.