On Thursday 10 Jul 2003 14:57 pm, Raymond Camden wrote: > It does, unless someone decrypts your cookie. Why not simply store both > the username and password?
Store a hash of the password on the client. Then if Evil Bob gets hold of the client machine, they can't retrieve the original password. -- Thomas C Advanced ColdFusion Programmer PLEASE NOTE: When the Recipient Is Not Directly Observing This E-mail, It May Cease to Exist or Will Exist Only in a Vague and Undetermined State. PLEASE ALSO NOTE: I don't speak for the company that sent this. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
