> application
> you always re-encrypt the password and compare the encrypted string.
> And in
> certain cases someone from another system can use the private key to
> extract
> the password.
>
> This would be the best of both worlds, provided the private key isn't
> stored
> on the webserver.
>
Your application can't use public/private key encryption without access
to the keys.
-Matt
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
