If it is SQL Server, you can set the column type to uniqueidentifier. If you
are like me and don't like the pointless dashes in the UUIDs, you can set
the column to nvarchar(32), then set the default constraint to
replace(newID(), '-', '')

Then... SQL Server will take care of populating the field for you and you
will see no predictable pattern with them as you do with CF's UUIDs.

If you already have the column, the best thing to do would be to drop and
recreate it so existing columns are updated with the new default (if you
don't have any links out there that are dependent on existing values, that
is).

.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
http://cf4em.com

-----Original Message-----
From: Peter Boughton [mailto:[email protected]] 
Sent: Friday, June 12, 2009 8:13 AM
To: cf-talk
Subject: Re: Product ID - enterprise level application


>Are you saying that a uuid is inherently insecure?

UUIDs are guaranteed to be unique, but not (afaik) to be unpredictable.

I don't know *how* predictable they might be, but for any secure string I
wouldn't want to rely entirely on something with potentially
knowable/guessable sources - I would want something derived from both secret
information and data that is related to the original record.

So, I would most likely use some form of double salted hash that
incorporates data that relates to that person - but not necessarily name,
since that might be changeable.

Make sense? 
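
Added example, not part of the original thread or either poster's code: one way to build a token from secret information plus record data, using HMAC-SHA256 as a stand-in for the "double salted hash" mentioned above, together with a helper that reports which UUID version a stored ID is. The secret, function names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import uuid

# Assumption: a server-side secret kept outside the database (constructed value).
SERVER_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def new_record_salt() -> str:
    """Per-record random salt, stored alongside the record (hypothetical column)."""
    return secrets.token_hex(16)


def product_token(record_id: int, record_salt: str,
                  secret: bytes = SERVER_SECRET) -> str:
    """Keyed token over stable record data.

    Truncated to 32 hex characters (128 bits) so it fits an nvarchar(32) column.
    Without the secret, knowing record_id and record_salt does not reveal it.
    """
    msg = f"{record_id}:{record_salt}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:32]


def verify_token(record_id: int, record_salt: str, presented: str,
                 secret: bytes = SERVER_SECRET) -> bool:
    """Recompute the token and compare in constant time."""
    expected = product_token(record_id, record_salt, secret)
    return hmac.compare_digest(expected, presented.lower())


def uuid_profile(value: str) -> dict:
    """Report what a stored ID is: version 4 is random, version 1 embeds a
    timestamp and node ID. Accepts 32 hex digits with or without dashes."""
    u = uuid.UUID(value)
    info = {"version": u.version, "random_based": u.version == 4}
    if u.version == 1:
        info["embedded_time"] = u.time   # 100 ns ticks since 1582-10-15
        info["embedded_node"] = u.node   # usually derived from a MAC address
    return info


if __name__ == "__main__":
    salt = new_record_salt()
    token = product_token(1001, salt)
    print(token, verify_token(1001, salt, token))
    # Constructed sample: a version 1 UUID with the dashes stripped.
    print(uuid_profile("c232ab00941411ecb3c89e6bdeced846"))
```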


