Ron Johnson wrote:
> On 06/04/07 17:54, Guy Rouillier wrote:
> >Many people consider two-way encryption to be insecure; two-way
> >encryption means you can decrypt a value if you know the key, and it is
> >insecure because you usually have to put the key into the source code.
> >That means at least one person in your company, the programmer
> >maintaining the source code, can learn all of your users' passwords.
>
> Two-way encryption is needed for companies that store customer
> credit cards.
I thought that the advice for companies storing customer CCs was: don't.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.