>> ---- Torrent Girl wrote: >> >> > Did you have a problem with timeouts or out of memory errors? >> > >> > I have quite a bit of records
A loop like that shouldn't have any issues. Now, with that said I haven't used generateSecretKey() for generating salt. Wouldn't surprise me a bit if it was resource-intensive. Personally I always used createUUID() to salt my records. In fact, I make it a practice on general principles to keep an indexed UUID-containing field in every table and find it often comes in handy for a variety of things. Years ago I wrote up a system called AccessMonger. The Lite version is free and still on the Exchange http://www.adobe.com/cfusion/exchange/index.cfm?event=extensionDetail&loc=en_us&extid=1002753 It does all the stuff you are talking about. Stores salted, hashed pwds, supports pwd expiry and automated warnings ("your pwd will expire in 10 days, change it or perish in flames"), has user-driven password reset (not recovery) via hint/answer etc. Its old code but it works and if nothing else will give you a feature set and basis to write up your own system. -- --m@Robertson-- Janitor, The Robertson Team mysecretbase.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354911 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
