I have a customer with an Access database (ugh!) in which credit cards are stored in plaintext (yikes!), so amongst other changes I'm doing in the app, I'm applying some encryption in there.
I've used Rijndael as the algorithm of choice, but I'm struggling to find the correct approach to storing the encryption/decryption key, since an access database is inherently source-visible. How can I provide decent security on this one to prevent someone grabbing the database (by local access - this machine is NOT Internet connected) ? I feel I'm omst of the way there, but missing this vital piece of the jigsaw