How To Check Database Encryption Status in SQL Server

You wanted to know if your database is already encrypted or not.

Use the following commands to figure it out,

-------------------COMMAND 1------------

select db_name(database_id), encryption_state 
from sys.dm_database_encryption_keys;




-------------------RESULT-------------------

                       encryption_state
====================== ================
tempdb                 3
SID                    3
-------------------COMMAND 2------------

SELECT
    db.name,
    db.is_encrypted,
    dm.encryption_state,
    dm.percent_complete,
    dm.key_algorithm,
    dm.key_length
FROM
    sys.databases db
    LEFT OUTER JOIN sys.dm_database_encryption_keys dm
    ON db.database_id = dm.database_id;




-------------------RESULT-------------------

name                     is_encrypted encryption_state percent_complete key_algorithm   key_length
======================== ============ ================ ================ =============== ===========
tempdb                   1            3                0.0              AES             256
SID                      1            3                0.0              AES             256
model                    0            NULL             NULL             NULL            NULL
master                   0            NULL             NULL             NULL            NULL
msdb                     0            NULL             NULL             NULL            NULL

encryption_state

Indicates whether the database is encrypted or not encrypted.

  • 0 = No database encryption key present, no encryption
  • 1 = Unencrypted
  • 2 = Encryption in progress
  • 3 = Encrypted
  • 4 = Key change in progress
  • 5 = Decryption in progress
  • 6 = Protection change in progress (The certificate or asymmetric key that is encrypting the database encryption key is being changed.)

You May Also Like

Leave a Reply?