OWASP #6 Preventing Sensitive Data Exposure in ASP.NET - Part 2: Encrypting Data at Rest