----- Original Message -----
From: Mosh Teitelbaum <[EMAIL PROTECTED]>
Date: Monday, December 15, 2003 12:19 pm
Subject: RE: Scrambling Data
> Hatton:
>
> I prefer salting and hashing passwords stored in a database. The
> hashingprovides one-way encryption and the salting protects
> against people who have
> the same password. MSDN has a good intro to password security at
> http://msdn.microsoft.com/msdnmag/issues/03/08/securitybriefs/default.aspx
>
> ColdFusion doesn't have any built-in hashing functions but there
> are some
> good CustomTags available at the Dev Exchange that do hashing.
>
> --
> Mosh Teitelbaum
> evoch, LLC
> Tel: (301) 942-5378
> Fax: (301) 933-3651
> Email: [EMAIL PROTECTED]
> WWW: http://www.evoch.com/
>
> -----Original Message-----
> From: C. Hatton Humphrey [EMAIL PROTECTED]
> Sent: Monday, December 15, 2003 1:43 PM
> To: CF-Talk
> Subject: Scrambling Data
>
>
> I am working out a database schema for an intranet and need to
> figure out
> some way to mask the password field in the users table from simple
> SELECTgrabs.
>
> I know that CF has some built-in encryption tools but I can't
> remember what
> they are. Can someone point me in the right direction?
>
> At this moment I'm just trying to figure out what to store in the
> database.I know I'll need a field for the password but do I need
> to also provide a
> field for a key or key pair?
>
> Thanks!
> Hatton
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.548 / Virus Database: 341 - Release Date: 12/5/2003
>
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
