Store them as hashes using the CF hash() function. Then to authenticate a user, do this:
<cfquery name="get" ...> SELECT password FROM table_name WHERE username = '#Attributes.username#' </cfquery> <cfset authenticated = hash(attributes.password) EQ get.password /> Viola, no visible passwords anywhere. barneyb > -----Original Message----- > From: Tilbrook, Peter [mailto:[EMAIL PROTECTED] > Sent: Monday, February 24, 2003 3:17 PM > To: CF-Talk > Subject: Password fields in MS SQL Server 2000 > > > Hi there, > > Just wondering if there is a setting in SQL Server to hide password fields > like in MS Access. > > At the moment the fields are just nvarchar which sort of defeats > the purpose > of having a password field in the database (even using SSL for > logging in). > > Thanks! > > == > Peter Tilbrook > Internet Applications Developer > Australian Building Codes Board > GPO Box 9839 > CANBERRA ACT 2601 > AUSTRALIA > > WWW: http://www.abcb.gov.au/ > E-Mail: [EMAIL PROTECTED] > Telephone: +61 (02) 6213 6731 > Mobile: 0439 401 823 > Facsimile: +61 (02) 6213 7287 > > > ********************************************************************** > The information contained in this e-mail, and any attachments to it, is > intended for the use of addressee and is confidential. If you are not > the intended recipient, you must not use, disclose, read, forward, copy or > retain any of the information. If you have received this e-mail in > error, please delete it and notify the sender by return e-mail or > telephone. > The Commonwealth does not warrant that any attachments are free from > viruses or any other defects. You assume all liability for any > loss, damage, or > other consequences which may arise from opening or using the attachments. > > ********************************************************************** > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
