Is It Worth Encrypting E-mail Addresses?

[snuggles79]

I have set up my mailing list form on my site and it takes the information of anybody who fills it in and puts it into an SQL DB.

 

Is it worth encrypting the e-mail addresses (and possibly names) in the SQL table or is SQL secure enough on its own? It's not a sensitive mailing list at all - just wondering if I should take that extra step as routine? And, if so, what would be the best way of encrypting the data (I've never had to do it before) - obviously MD5 would be no good as I need to be able to decrypt the e-mail addresses to send out the e-mails.

 

Thoughts / suggestions please.

[premiso]

SQL is secure enough as long as you code for it.

 

As far as encrypting the email address, that is not a good idea unless you can decrypt it. Cause if you cannot decrypt (md5 does not allow decryption) than having that email in there is useless.

 

Probably 99% of databases leave it unencrypted, because the code should protect it.

 

Names are the same way, if they are encrypted they do you no good if you cannot decrypt them, and if you can decrypt them someone else can too.  Passwords are about the only thing that should be encrypted, with a 1-way MD5 hash.

 

At least that is my take on it.

[PFMaBiSmAd]

md5() is a hash. A hash is not the same thing as encryption.