I'd say the best is to not even use encryption, but a hash (message digest) instead. Hash is sometimes called "encryption", but it can't be decrypted.
A hash (it's available as a CF function) is a one-way mathematical function. There is no decryption; only brute-force attack can tell you what a hashed value is. But the hash is predictable, it always gives the same output for the same input. So, hash the user's password and store THAT in the database. Then, when the user wants to login again, first hash the password the user's entered, then compare that with the hashed password stored in the database. Chris Norloff ---------- Original Message ---------------------------------- from: Mak Wing Lok <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Wed, 3 Apr 2002 10:54:02 +0800 >anyone can suggest what is the best method to encrypt password that stored >in the database? > > >--------------------------------------------------------------------------- >"Pharmaniaga Berhad, your integrated healthcare provider" >www.pharmaniaga.com.my >"www.ehealth4all.com, your most convenient way to healthcare, everyday..." >The information transmitted is intended only for the person or entity to >which it is addressed and may contain confidential or privileged material. >If you received this in error, please contact the sender and delete the >material from any computer. Any review, retransmission, dissemination or >other use of, or taking of any action in reliance upon, this information by >persons or entities other than the intended recipient is prohibited. >--------------------------------------------------------------------------- > ______________________________________________________________________ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
