Hello. I'm using the ColdFusion encrypt function to secure
data in a database, but I want to keep the encryption key secure so
any developers with access to the code won't be able to see the key
and use it to decrypt information from the database.
Does Adobe have a recommended procedure for handling this? In
the past, I've used the cfencode.exe utility in the ColdFusion8/bin
directory to encrypt a file containing the encryption key and then
use cfinclude to read the key before doing an
encryption/decryption. But I'm wondering if there is a better way
of handling this, particularly with split keys so no one person
knows the full key.