I had a similar problem. I found that if I used
<cfqueryparam> on the password parameter, when checking it
against the encrypted value in the database, the error went away.
Below is a sample of the logon verification query that I use in one
of my applications where I use encrypted passwords.
<cfquery name="Q1" DATASOURCE="#dbname#">
SELECT admin_id, expire_date, access_level, enabled
FROM admin
WHERE LOWER(logon_name) = LOWER('#form.v_logon_name#')
AND password = <cfqueryparam value =
"#encrypt(form.v_password, cookie.pw_seed)#" CFSQLType =
"CF_SQL_VARCHAR">
</cfquery>
Phil