> by, but I think it is important to know that a much stronger
> encryption for CFLOGIN and CFENCRYPT will be much stronger
> than the old very weak hash function. Very important for
> storing credit card info and passwords. as well as being able
> to encrypt your code.
The current hash function isn't very weak. It's your typical MD5 hash, which
is good enough for hashing (which isn't the same as encryption). As for
CFLOGIN, I'm not sure what's wrong with that, either - I haven't seen
anything dissecting the login cookie values.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
phone: 202-797-5496
fax: 202-797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
