Torrent Girl wrote:
Did you have a problem with timeouts or out of memory errors?
I have quite a bit of records
A loop like that shouldn't have any issues. Now, with that said I
haven't used generateSecretKey() for generating salt. Wouldn't
surprise me a bit if it was resource-intensive. Personally I always
used createUUID() to salt my records. In fact, I make it a practice
on general principles to keep an indexed UUID-containing field in
every table and find it often comes in handy for a variety of things.
Years ago I wrote up a system called AccessMonger. The Lite version
is free and still on the Exchange
http://www.adobe.com/cfusion/exchange/index.
cfm?event=extensionDetailloc=en_usextid=1002753
It does all the stuff you are talking about. Stores salted, hashed
pwds, supports pwd expiry and automated warnings (your pwd will
expire in 10 days, change it or perish in flames), has user-driven
password reset (not recovery) via hint/answer etc. Its old code but
it works and if nothing else will give you a feature set and basis to
write up your own system.
--
--m@Robertson--
Janitor, The Robertson Team
mysecretbase.
com
wow thanks. checking this out now
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:355241
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm