On Wednesday 05 Dec 2007, rmarples wrote:
SharedObject because it's not sensitive, but for the password the
salesforce.com security requirements are such that you can only store local
passwords if you encrypt them
SharedObject is encrypted, to all intents and purposes.
requirement just
- Original Message -
From: Jeffry Houser [EMAIL PROTECTED]
To: flexcoders@yahoogroups.com
Sent: Wednesday, December 05, 2007 2:22 PM
Subject: Re: [flexcoders] Re: Local storage of password
That'd be too easy. He stated that he needs to prevent the user from
re-entering the password
, December 04, 2007 5:39 PM
To: flexcoders@yahoogroups.com
Subject: [flexcoders] Re: Local storage of password
Hi Jeff - Thanks for the response. By the way, great podcast :)
I will look into the encryption libraries that both you and William
mentioned but I'm
wondering how they handle the encryption
That'd be too easy. He stated that he needs to prevent the user from
re-entering the password upon their next use of the application.
Tom Chiverton wrote:
On Tuesday 04 Dec 2007, rmarples wrote:
requirement that I can't store the encryption key in the source code as a
string literal. I'm
@yahoogroups.com
Sent: Wednesday, December 05, 2007 4:40 PM
Subject: Re: [flexcoders] Re: Local storage of password
I think that's a simple (yet elegant) solution.
I wish I thought of it.
Paul Andrews wrote:
- Original Message -
From: Jeffry Houser [EMAIL PROTECTED]
To: flexcoders
: Wednesday, December 05, 2007 2:31 AM
Subject: Re: SPAM-LOW: [flexcoders] Re: Local storage of password
( Thanks for listening; glad you enjoy )
You are working on an application with very odd security requirements.
I almost think you'd be better off with a completely open web
I think that's a simple (yet elegant) solution.
I wish I thought of it.
Paul Andrews wrote:
- Original Message -
From: Jeffry Houser [EMAIL PROTECTED]
To: flexcoders@yahoogroups.com
Sent: Wednesday, December 05, 2007 2:22 PM
Subject: Re: [flexcoders] Re: Local storage
That'd be too easy. He stated that he needs to prevent the user from
re-entering the password upon their next use of the application.
So compare hashes again... ?
Tom
Please note, as of 10th December 2007 the registered office address
- Original Message -
From: rmarples [EMAIL PROTECTED]
To: flexcoders@yahoogroups.com
Sent: Wednesday, December 05, 2007 11:30 PM
Subject: [flexcoders] Re: Local storage of password
Well the thing about this application is, I don't own the server. I'm
using a 3rd party
Internet web
On Tuesday 04 Dec 2007, rmarples wrote:
requirement that I can't store the encryption key in the source code as a
string literal. I'm wondering if you or anybody else has ideas on how to
handle this?
Sorry to jump in mid-thread, but if you just need to check a password is the
same as one
Tracy - Isn't MD5 a hashing algorithm? Meaning I can only encrypt, not decrypt?
I don't
think this would work for this scenario would it?
Ryan
--- In flexcoders@yahoogroups.com, Tracy Spratt [EMAIL PROTECTED] wrote:
There is an MD5 library available for AS3 that I have used.
Tracy
I believe this was posted last week, but it is a great library and
bears repeating:
http://as3crypto.riaforge.org/
-- William
--- In flexcoders@yahoogroups.com, rmarples [EMAIL PROTECTED] wrote:
I have a requirement to take credentials used for an external web
service and cache them
locally
Yes, MD5 is a hashing algorithm and it is unlikely you'd be able to
take a hash and get the original text (in a timely / efficient manner).
There are a few AS3 encryption projects. ASCrypt3:
ascrypt3.riaforge.com and Crypto http://crypto.hurlant.com/
Both of them have 2-way encryption
Is this a Flex app on a web page? I am not sure about an AIR project but
with Flex and webservices, you still have the benefit of cookies and
sessions. I am working a project that uses a standard web page login
that gets the user logged in and the session started. After that it
moves to the
Hi Jeff - Thanks for the response. By the way, great podcast :)
I will look into the encryption libraries that both you and William mentioned
but I'm
wondering how they handle the encryption key. I have a requirement that I can't
store the
encryption key in the source code as a string
( Thanks for listening; glad you enjoy )
You are working on an application with very odd security requirements.
I almost think you'd be better off with a completely open web service.
You might store the encryption key in a database or server side / non
web accessible XML and use some
the password!
Paul
- Original Message -
From: Jeffry Houser [EMAIL PROTECTED]
To: flexcoders@yahoogroups.com
Sent: Wednesday, December 05, 2007 2:31 AM
Subject: Re: SPAM-LOW: [flexcoders] Re: Local storage of password
( Thanks for listening; glad you enjoy )
You are working
17 matches
Mail list logo