Why don't services just encrypt their whole database, rather than just the user passwords?
>>55546882
Passwords are (or at least, should be, unless you're retarded like Adobe) hashed, not encrypted
Transparent database encryption is a thing, but it only really works against scenarios where the attacker is in possession of the physical media/a backup of the database, but not the key that was used to encrypt it. Most database compromises occur in the form of SQL injection, and since the attacker can just query for your data, you're fucked regardless.
>>55546930
Thanks.
>>55546882
Because ur would take 26 minutes to decrypt the entire database, run the search, add the data, then reencrypt the entire database.
Not even dialup was that slow