I think I am understanding it a little more now. It seems as long as you don't decrypt it or store the keys in an "insecure" place, you are good to go. You can just compare the encrypted strings to see if a password matches or not.
I'm curious though, whats the difference between the actual Encrypted Files features vs. the ENCRYPT function in BASIC? I'm guessing you might use encrypted files if you are doing something like credit cards? On Mon, Sep 19, 2011 at 2:48 PM, John Hester <jhes...@momtex.com> wrote: > John, sorry for the delayed reply to this thread - I've been off-site > for a week without easy access to the list. David's response is correct > for most situations, but for your original example of encrypting a > user-specific password that only they have access to, you should be able > to do what you're suggesting. The password that's being encrypted can > also be its own encryption key. You won't need to store the key > anywhere and if the user forgets it you can just reset the encrypted > data to a new value. Pretty simple and elegant solution, IMHO. > > -John > > -----Original Message----- > From: u2-users-boun...@listserver.u2ug.org > [mailto:u2-users-boun...@listserver.u2ug.org] On Behalf Of David Jordan > Sent: Monday, September 12, 2011 3:16 PM > To: U2 Users List > Subject: Re: [U2] ENCRYPT in Universe > > Hi John > I have not played around with the encryption, but to my knowledge this > is not the way it works. The password is related to the data encrypted, > not to the user, so every user would require the same key for the data. > To change the key you need to unencrypt and reencrypt the data. > > The other option is encryption at rest where the whole database is > encrypted. This has been greatly enhanced in Rel11 of UniVerse. > > Regards > David Jordan > > -----Original Message----- > From: u2-users-boun...@listserver.u2ug.org > [mailto:u2-users-boun...@listserver.u2ug.org] On Behalf Of John Thompson > Sent: Monday, 12 September 2011 10:35 PM > To: U2 Users List > Subject: Re: [U2] ENCRYPT in Universe > > As far as passwords are concerned, I could use their password as the > key? > That way it would be different every time, and in order for it to be > decrypted, they would have to supply the right password, otherwise, they > would have to reset it... > > Is that a decent way of doing it? > > _______________________________________________ > U2-Users mailing list > U2-Users@listserver.u2ug.org > http://listserver.u2ug.org/mailman/listinfo/u2-users > -- John Thompson _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users
