Passwords: We're using md5 hashes. If a user loses their password, we generate a new one and ask them to change it once they login.
Credit Cards: PGP pairs. But I've got a question specific to WebWare here: We're in the middle of our first CC site in Webware, and have been logging/emailing errors on other sites. However, when an error occurs the form fields are logged/emailed as part of the exception report. Which leads to a problem: the CC number/info are sent plaintext in the emails. So, what are you guys doing for this? Would it be possible to have someway in Webware to set some form fields that are NOT logged/emailed? Just a thought.. Luke --- Chuck Esterbrook <[EMAIL PROTECTED]> wrote: > I need to encrypt the passwords and credit card numbers > in my database. > Any recommendations on an approach? > > -Chuck > > _______________________________________________ > Webware-discuss mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/webware-discuss ===== ------------------ Reference Counting Garbage Collection: Look out philosophy majors, things really DO cease to exist when no one is looking at them! ------------------ __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss
