In this tutorial i will show you how you can easily encrypt and decrypt passwords using coldfusion
The first think we need to do is create in encryption password, this is what will be used to encrypt and unencrypt your password. If you loose this then you will not be able to unencrypt any of your encrypted data.
To create this key i will use an application variable so it can be called when needed
Ok, now i will show you how to encrypt your data, this is best done when saving the data to a database. I have a form to add new users so i post this form and just before we insert the data to the database we will encrypt the password with the encryption key
I have assumed that you all know how to make a basic form if you are at the level of encrypting passwords so i shall skip that part.
<cfquery datasource="encryption">
INSERT INTO users (username, password)
VALUES (<cfqueryparam value="#FORM.Nusername#" cfsqltype="cf_sql_clob" maxlength="255">, "#Encrypted#")
</cfquery>
<cflocation url="/Admin/users.cfm" addtoken="yes">
Ok so now we should have a database with a username and encrypted password, but for the users to be able to login we will need to decrypt this password.
This is basicly the same process as before, but we unencrypt the value and use the #Encrypted# variable insted of the #FORM.Password#
<cfquery name="Login" datasource="encryption">
SELECT *
FROM users
WHERE username = '#FORM.username#'
AND password = '#Encrypted#'
</cfquery>
Hope this code is of help to people
discuss this topic to forum
