My Account   Contact Us    
  
» HomeProductsSupportDeveloper CommunityCompany
Encrypting passwords with ColdFusion
Author: Pete Freitag
Category: ColdFusion
Encrypting passwords in a database with ColdFusion


It is often necessary to store passwords in an encrypted for in a database. ColdFusion's Encrypt function can leave a lot of unfriendly characters, you can add another step of encoding by using the ToBase64 function in ColdFusion. The ToBase64 function will encode your encrypted string in a set of printable characters. You can also decode the base64 encoded data if necessary using the ToString function.

<cfset pwd = "secret">
<cfset enc = ToBase64(Encrypt(pwd, pwd))>

<!--- now to check passwords --->
<cfif ToBase64(Encrypt(form.pwd, form.pwd)) IS enc>
  Valid Password
<cfelse>
  Invalid
</cfif>

The value of enc in this example is:

JjJIW1pCNTozCg==

(the equal signs are used for padding in base 64)

Note that when you are encrypting passwords you don't need to use a reversible encryption. To check to see if a password is valid simply encrypt the password as it was inputed with the encrypted password stored in the database, if they match then the password is correct.

You can also use the Hash() function for encrypting passwords.



Content Management Powered by ActivEdit  ActivEdit Browser Based WYSIWYG HTML Editor

More Code Samples

Sign up for our newsletter: | Subscribe with RSS: RSS
© ActivSoftware 1999 to 2005 | Privacy Statement