> > If you're encrypting, with plans to > decrypt later, then you'll have to store the key as well.
Yea.. the idea is the key should be stored. If these are passwords you are encrypting, Ideally you should not store them in any way that that can be decrypted. But if you need to decrypt them, then you will need to store the keys along with the encrypted data (another table/database preferred). If you are trying to encrypt passwords, I had good luck borrowing some concepts from this code. http://github.com/virtix/cfcrypto which uses extreme HASH methods that utilize a SALT for each variable and iterates over the process 1024 times. But it may be too extreme for what you need, also the HASH is irreversible, so its only really suitable for passwords. -- /Kevin Pepperman ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:330812 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
