store them as two values: pgp encrypted, and hashed to confirm the decrypt.
this is probably overkill for the password. might just want to store the hash of the password, then when a user wants to log in, compare the hash with the password they gave, hashed. of course this won't work if you ever want to tell them what their password _was_. --jim -----Original Message----- From: Chuck Esterbrook [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 18, 2002 4:20 PM To: [EMAIL PROTECTED] Subject: [Webware-discuss] encryption I need to encrypt the passwords and credit card numbers in my database. Any recommendations on an approach? -Chuck _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss _______________________________________________ Webware-discuss mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-discuss
