I prefer "plain text" emails myself so apoligies at my reluctance to assist in the dessimination of virri, rogue scripts, annoying pop-ups, etc.
I've been a major ColdFusion user now for 8 years. Starting since it was delivered either on floppy disks or small enough downloads to fit on a floppy disk to the uber monger 80+Mb download CFMAX has become today. Security is VERY important in this day of Intranets/Extranets/Internet sites that feature - especially - the ability to add/edit/delete content. 8 years later I'm reluctant to deal with anyones credit card details via CF. CF is not the problem for me however - just the nature of the Internet. I recently attended the inugural MXDU 2003 conference in Sydney and one of the keynotes dealt with "logon" security. To cut a long story short - if you want to truly secure your login scripts you must use some form of encryption. SSL (Secure Sockets Layer) in tandem with your own encryption would be a good start. Rembember that for example SQL Server doesn't offer a "password" field like MS Access. Together with an encryption key and SSL you can offer a secure environment over the Internet - at least so long as you enforce strict password rules. Good Luck (wish me luck to in my implementation). PT Coldgen (www.coldgen.com) --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/
