RE: encrypt decrypt functions - what kind of encryption?

Wed, 26 Apr 2000 17:45:00 -0700 

None of Allaire's encryption is very strong.  The admin passwords can be
broken in about 5 minutes of brute force programming, and it took me 5
minutes to find the source code for the decrypt program ( which does work on
4.5, by the way).

Lock down your administrator using standard web security. If you need to
encrypt passwords, use the new Hash() function.  If you need strong security
that you want to decrypt, use PGP.

Chris Evans
[EMAIL PROTECTED]
http://www.fuseware.com



-----Original Message-----
From: Mike Sheldon [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 26, 2000 6:19 PM
To: [EMAIL PROTECTED]
Subject: RE: encrypt decrypt functions - what kind of encryption?


>From what I read in the docs, it looks like someone over at Allaire thinks
they're qualified to write their own crypto.

I would consider it slightly more secure than ROT13 until *proven*
otherwise. Unless Allaire will own up to the algorithms used, and the
source-code implementations, there's no way to prove it.

Michael J. Sheldon
Internet Applications Developer
Phone: 480.699.1084
http://www.desertraven.com/
PGP Key Available on Request

-----Original Message-----
From: Scott Rowe [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 26, 2000 11:33
To: CF-Talk
Subject: encrypt decrypt functions - what kind of encryption?


Anyone know what kind of encryption these functions use? Is it DES like the
template encryption?
Couldn't find anything on allaire.com and my paranoid sysadmin wants to know
:-)

Thanks,

Scott

----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.


------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Reply via email to