IMO, If they plan to store credit card numbers in a database *don't* do it in plain text. Especially if it's an Access database.
What I would do at the very least is encrypt the card number before storing it and then decrypt it when you need to use it. This code will encrypt your card number: CC -> 4444 4444 4444 4444 ECC-> 556274467958045A73655A77464D7E605F5110 <!--- default ccnum param ---> <cfparam name="form.ccnum" default="4444 4444 4444 4444"> <!--- create your encryption key ---> <cfset key="aV@rYl0nGEnCry^Tke$y!3Qfp"> <!--- get the card number from the form post and encrypt ---> <cfset encrypted=cfusion_encrypt(form.ccnum, key)> <cfoutput>#encrypted#</cfoutput> <br> <!--- default encrypted ccnum param ---> <cfparam name="encrypted" default="556274467958045A73655A77464D7E605F5110"> to decrypt <!--- create your encryption key ---> <cfset key="aV@rYl0nGEnCry^Tke$y!3Qfp"> <!--- get the card number from the form post and decrypt ---> <cfset decrypted=cfusion_decrypt(encrypted, key)> <cfoutput>#decrypted#</cfoutput> HTH, Joseph DeVore -----Original Message----- From: Duane Boudreau [mailto:[EMAIL PROTECTED]] Sent: Friday, December 21, 2001 11:23 AM To: CF-Talk Subject: RE: Password Protecting an Access ODBC connection once the odbc connection is created on the box, if anyone knows the dsn name they have access to the db. *I THINK* they are planning on storing CC numbers in the db. Duane -----Original Message----- From: Cary Gordon [mailto:[EMAIL PROTECTED]] Sent: Friday, December 21, 2001 2:09 PM To: CF-Talk Subject: Re: Password Protecting an Access ODBC connection You can password protect the Access database. I don't really understand what you mean by password protecting an ODBC connection. At 01:45 PM 12/21/2001 -0500, you wrote: >A colleague asked if it is possible to password protect an ODBC connection >to an access database, but its been so long since I've used MS Access that >cant remember. Is this possible? ______________________________________________________________________ Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation � $99/Month � Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusiona FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
