A master key that is not encrypted by the service master key must be opened by using the OPEN MASTER KEY statement and a password. This default can be changed by using the DROP ENCRYPTION BY SERVICE MASTER KEY option of ALTER MASTER KEY. Typically, the copy stored in master is silently updated whenever the master key is changed. To enable the automatic decryption of the master key, a copy of the key is encrypted by using the service master key and stored in both the database and in master. In SQL Server 2008 and SQL Server 2008 R2, the Triple DES algorithm is used. When it is created, the master key is encrypted by using the AES_256 algorithm and a user-supplied password.
The database master key is a symmetric key used to protect the private keys of certificates and asymmetric keys that are present in the database. password is optional in SQL Database and Azure Synapse Analytics. password must meet the Windows password policy requirements of the computer that is running the instance of SQL Server. Is the password that is used to encrypt the master key in the database. To view Transact-SQL syntax for SQL Server 2014 and earlier, see Previous versions documentation.
