AES_ENCRYPT(column_name,'encryption_passphrase') Where is the 'encryption_passphrase' stored, as the next time you want to decrypt, it has to match the user entered one. how does that work at a low level? is the password hashed and stored somewhere and who has access to it?