The decrypt function works on the first pass through of the looped query, without fail. Everything after that is a flop. I generate a new key on every pass thru and encrypt and decrypt with the same key. This is driving me bonkers.
Am I doing something incorrectly here, or is this an issue with Lucee?
Turns out the error I was having was my own stupidity. I was testing on a table that already encrypted data. The only one “working” was mine because thats the only one I had changed tp plain text. The others were working as well It’s just the decrypt function was spitting out the already encrypted files that I’d forgotten already had hashed PW’s in them.
Just a little note. I’m not a security expert at all, but from my understanding, it’s not good security practice to store decryptable passwords anywhere at all. Please, really consider changing that into a one way password hashing and also including salt and pepper into that.
There is a really wonderful blog post about this from @andrew that from my point of view should be a must read to any cfml developer who develops apps with accounts, passwords and logins:
No matter how unimportant or uncritical your app might be, please consider it and try to implementing it as hashing and not as reverse decryptical strings.
That’s been the reply that I got form a lot of people. Looks like I need to revamp my password recovery system to be more of a change your password instead.
It’s funny - It always AFTER you post - and seems to be always AFTER someone else has "helped’… that you realise you were the problem… or it was spectacularly obvious…
I’m not saying I’m stupid… but…
Happens to me all the time!