There are two ways I have done this. I wrote a Windows
program to access the
encrypted data that was entered in on the web site and hard
coded it into
the compiled program and gave limited access to that PC. The
also tied into the hardware of the computer so it would not
run on any other
system. I liked this way best.
There was a time I have to get the encrypted data from a web
page. I do not
like this way. I have the person that was getting the
encrypted data enter
the key. This was not the public side of the web site.
I do not like storing the key on the web server.
I was not using CF's encryption I was using a third party.
I have no idea what best practice would be this is just what
I have done.
"Andrew Davis" <firstname.lastname@example.org> wrote
> im reading about encrypt / decrypt functions in cf
> i want to encrypt the data when written to the db
> if i dont use the standard encryption algorythem
(CFMX_COMPAT) in favor of
> AES, it generates a secret key.
> thats fine when encrypting, but once i need to decrypt,
where do i get the
> i have to store it somehow or hardcode it into the
calling page.... what
> would be best practice for this?
> Thanks for any advice.