Hash is a one-way operation that takes a string input (be it a word or a
book) and produces a 36-byte alphanumeric output based directly on that
string input. Once something has been hash()ed it is not readable again in
plain text.

I have saved hashed credit card numbers in a database. You can't break them
back, but on a refund you *can* tell if the customer is presenting the
original credit-card number because the hash will be the same for identical
input. Same goes for passwords.

There are several variations of hash. CF uses MD5. For an excellent
explanation of hashing, along with other 'stronger' hash functions, download
the cfx_hash tag from the taggallery.

Regards

David Perkins



-----Original Message-----
From: Rick Lamb [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 10, 2000 10:24 AM
To: Fusebox
Subject: RE: Security Help


Stephen,

I'm having a hard time understanding this hash() function. Does this mean
that once something has been hash()ed it is therefore never readable again
in plain text? So then the only way to find out what it is is to run some sort of
batch that compares it against a dictionary or something similar? Also,
would this function suffice for encrypting credit card numbers on the
database also?

Thanks,

Rick
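
An added example, not part of the original thread and not ColdFusion code: the refund check described in the reply, written in Python with the plain MD5 comparison beside a keyed HMAC-SHA-256 variant. The card number is a standard test value, and the key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a widely published test card number, not a real account.
TEST_PAN = "4111111111111111"
# Assumption: a secret held by the application and kept out of the database.
SECRET_KEY = b"constructed-demo-key-not-stored-in-db"


def normalize(pan: str) -> str:
    """Drop spaces and dashes so the same card always yields the same digest."""
    digits = "".join(ch for ch in pan if ch.isdigit())
    if not 12 <= len(digits) <= 19:
        raise ValueError("not a plausible card number length")
    return digits


def md5_token(pan: str) -> str:
    """Plain MD5 of the card number, the algorithm the reply says CF uses."""
    return hashlib.md5(normalize(pan).encode("ascii")).hexdigest()


def keyed_token(pan: str, key: bytes = SECRET_KEY) -> str:
    """HMAC-SHA-256 of the card number; still deterministic, but needs the key."""
    return hmac.new(key, normalize(pan).encode("ascii"), hashlib.sha256).hexdigest()


def is_same_card(presented: str, stored_token: str, key: bytes = SECRET_KEY) -> bool:
    """Refund check: recompute the token and compare in constant time."""
    return hmac.compare_digest(keyed_token(presented, key), stored_token)


def confirmable_without_key(guess: str, stored_md5: str, stored_keyed: str):
    """What someone holding only the database row can confirm about a guessed
    number: the plain digest can be recomputed, the keyed one cannot."""
    md5_match = hmac.compare_digest(md5_token(guess), stored_md5)
    keyed_match = hmac.compare_digest(keyed_token(guess, b"not-the-real-key"), stored_keyed)
    return md5_match, keyed_match


if __name__ == "__main__":
    row_md5, row_keyed = md5_token(TEST_PAN), keyed_token(TEST_PAN)
    print("refund match:", is_same_card("4111 1111 1111 1111", row_keyed))
    print("other card  :", is_same_card("4111111111111112", row_keyed))
    print("database only (md5, keyed):", confirmable_without_key(TEST_PAN, row_md5, row_keyed))
```

Both tokens support the identical-input comparison; only the plain digest lets a party with the database alone run the dictionary-style comparison asked about in the original message.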
