you will have them encypted in the DB.
by generating a random key (using a custom tag I wrote ;-) - say
'284un#'][fn7' you will actually have 3 values.
used in this way -
<cfset tKey = '284un#'][fn7'> (this will actually be generated at
run-time)
<cfset tEncryptPWD = #encrypt(#FORM.Password, tKey)#>
then store #tEncryptPWD# in the DB with tKey either in the DB as well or
somewhere else.
The value in the DB which would probably be something like '-06[45;65554'
etc...
at validation - get the encrypted pwd, decrypt it with corresponding key
(unique for each user) and hey presto ure away - no match? go away,
match? - ure in!!!
N
<! -----------------------------------
Neil Clark
Senior Web Applications Engineer
mcb digital
Tel. +44 (0)20 8941 3232
Tel. +44 (0)20 8408 8131 [Direct]
http://www.mcbdigital.com
----------------------------------->
------------------------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message
with 'unsubscribe' in the body to [EMAIL PROTECTED]
