Encrypting the key using a different encryption method and storing it in the registry, then storing the encryption key for the different method in a secured database on a different machine not accessible at all from the web perhaps?
Still compromisable, just not as easily. Dan -----Original Message----- From: Andy and Kim Mills [mailto:[EMAIL PROTECTED] Sent: 30 December 2004 15:35 To: [email protected] Subject: [ASP] Protecting Encrypition Key Hello All: We are in the process of using a Triple DES method to encrypt all our passwords, credit card numbers, etc. However: we are stuck on the best method to store our encryption key. We obviously cannot write it down anywhere (code it into an application), as that compromises our security. Would anyone be able to suggest or give some guidence on the best methods to ensure our encryption key is secured and not able to be compromised? Thanks for any help Andy --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages --------------------------------------------------------------------- Post : [email protected] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- Yahoo! Groups Links ------------------------ Yahoo! Groups Sponsor --------------------~--> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar. Now with Pop-Up Blocker. Get it for free! http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/17folB/TM --------------------------------------------------------------------~-> --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages --------------------------------------------------------------------- Post : [email protected] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/active-server-pages/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
