Take a look at the documentation   If you specify NULL as password2 for the Master Key, it ties data encrypted with it to the account under which it's encrypted.  So you can tie decryption of data to the same account that it was encrypted with by not supplying the second password.  That means that not only would a maluser need a login to decrypt your data, they need the same login that was used to encrypt the data.

This is more secure, and can help prevent other users from getting into your encrypted data.  The downside is that only the account that encrypted the data can decrypt the same data.