epassword again and verify the encrypted data). Only selected personel would
have access to the private key in case anything needs to be decrypted. This
could also happen from an intranet system that has access to the same
database.
Jesse
-----Original Message-----
From: Matt Liotta <[EMAIL PROTECTED]>
To: CF-Talk <[EMAIL PROTECTED]>
Date: Mon, 5 Jan 2004 09:32:11 -0500
Subject: Re: Password Logic
> You could use encryption with a private and a public key. In the
> application
> you always re-encrypt the password and compare the encrypted string.
> And in
> certain cases someone from another system can use the private key to
> extract
> the password.
>
> This would be the best of both worlds, provided the private key isn't
> stored
> on the webserver.
>
Your application can't use public/private key encryption without access
to the keys.
-Matt
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
