Hi Just to come back to a few of your security points for some more information please.
---QUOTE--- You might want to encrypt the information on the database... but this is a little overkill-ish. However if you can't secure the database as much as you'd like it can be a good measure. ------ Encrypt everything going into the database. ------- Say for example you were going to encrypt the users password that is stored in the database, what would you recommend to do this the Hash function? If so how do you match up the password the user enters when logging in to the encrypted version of the password stored in the database? ----QUOTE--- Use strong passwords for all users on both systems and any applications, such as CF Admin. Use a strong password generator for this. ---- Do you know for any good examples of a strong password generator ? ---QUOTE--- convert it to a secure (encrypted) email and send it directly the loan officer? -------------------- What would you use to secure the encrypted e-mail PGP or certain code in Coldfusion? If it is PGP are any alterations needed on the Coldfusion site to convert it into encrypted format? Finally is there a script that stops the user clicking on the back button in their browser window which would stop them viewing any sensitive data, or would you recommend just turning off the browsers standard buttons i.e. back, next, refresh etc and/or a script that stops users bookmarking certain pages in their browsers ? Ian ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:220997 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54