Thank you all. A long habit of not thinking a thing wrong gives it a superficial appearance of being right. Thomas Paine<http://www.brainyquote.com/quotes/quotes/t/thomaspain161749.html>
* *-- Ryan LeTulle On Fri, Jun 12, 2009 at 7:12 AM, Peter Boughton <[email protected]> wrote: > > >Are you saying that a uuid is inherently insecure? > > UUIDs are guaranteed to be unique, but not (afaik) to be unpredictable. > > I don't know *how* predictable they might be, but for any secure string I > wouldn't want to rely entirely on something with potentially > knowable/guessable sources - I would want something derived from both secret > information and data that is related to the original record. > > So, I would most likely use some form of double salted hash that > incorporates data that relates to that person - but not necessarily name, > since that might be changable. > > Make sense? > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323448 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
