> <cfcookie name="Username" value="#encrypt(CheckMember.Username, > request.key)#" expires="NEVER">
The encoding of the returned encrypted string is causing the problem. The code above should be -: <cfcookie name="Username" value="#URLEncodedFormat(encrypt(CheckMember.Username, request.key))#" expires="NEVER"> According to the doco's, encrypt(), only uses a pseudo-random 32-bit key. Not very secure considering AES uses 256-bit key. Even DES uses a 56-bit key. AES was approved by the US government in 2001 to replace DES and 3DES. What are the chances of an upgrade to the function seeing as Java (as of 1.4) includes an AES API? --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
