My mistake--I was talking about CF's file encryption for templates and such. I don't know about cfcrypt().
Jeff Polaski Manager, Web Services Research & Graduate Studies University California, Irvine -----Original Message----- From: BILLY CRAVENS [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 04, 2001 12:37 PM To: CF-Talk Subject: Re: Credit Card Encryption Are you sure about the cfencrypt() function? I don't think it's "crackable", though any encryption is if you throw enough keys at it. Rather, the encryption for encrypting files (like encrypted custom tags) has been cracked for a long time (since it requires no user selectable key). ----- Original Message ----- From: "Jeffrey Polaski" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, December 04, 2001 2:29 PM Subject: RE: Credit Card Encryption > You can also remove the CC numbers from the database. We don't process a > huge amount of CC's, so we just run some SQL to set all but the last four > digits to 'x' after having copied the good cc numbers to a floppy. The > floppies go to a locked managers office. That way the numbers aren't even > on the network. We don't do it every day, but once a week or so--enough that > there aren't very many CC number sitting in the db. > > One suggestion: write a stored procedure that writes the CC numbers out to > disk, then run GnuPG on the file, and then set all but the last four CC > digits to 'x'. You could do it with a chron job, or use a scheduled task in > CF. I think that would work for you. > > One note: cfencrypt(), AFAIK, has been cracked. I'm not sure if that's true > of recent versions of CF, though. > > > Jeff Polaski > Webmaster > Research & Graduate Studies > University California, Irvine > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, November 29, 2001 9:43 AM > To: CF-Talk > Subject: Credit Card Encryption > > > Does anyone have any insight on encrypting data into a Table? A client is > asking about storing CC numbers and I want to see what level of protection > we can provide. > > TIA! > > Hatton > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
