Of course, most "decrypters" for cfencrypt() > probablywouldn't take very long to decrypt using brute force > techniques, because > most developers I know use very short keys, like "abc123" - your > encryptionkey should be very long, and random).
It depends on many factors, but suffice it to say that the encryption mechanism is very, very weak. Mind you, those functions aren't really meant to protect government secrets. They're just a bit of obfuscation, essentially. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
