My opinion is that using the CF Administrator to setup the username and
password is the most secure way to do this for the very reason you pointed
out - people might be able to crack open the code and get that username and
password. You should be worried about other people on your shared box, not
the administrator.
You have to assume that your system administrators aren't going to steal
your secrets. Besides, they don't need your username and password. They
can access all the databases on the SQL server anyway.
---mark
------------------------------------
Mark Warrick - Fusioneers.com
Email: [EMAIL PROTECTED]
Phone: 714-547-5386
http://www.fusioneers.com
http://www.warrick.net
====================================
> -----Original Message-----
> From: Bud [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 06, 2001 6:27 AM
> To: CF-Talk
> Subject: Which SQL ODBC Login method?
>
>
> Hi all. What do you all recommend?
>
> 1. Adding the SQL Login to the CF Administrator ODBC Setup?
> or
> 2. Leaving it blank and hard coding it into cfquery?
>
> Seems as though hard coding it would be safer since no one else on
> the server would be able to query it without the username and
> password. Of course then if someone hacks into your ftp directory
> then they have your username and password.
>
> Thougths?
> --
>
> Bud Schneehagen - Tropical Web Creations
>
> _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
> ColdFusion Solutions / eCommerce Development
> [EMAIL PROTECTED]
> http://www.twcreations.com/
> 954.721.3452
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
