http://qs321.pair.com?node_id=354702


in reply to Crypt::CBC and verifying passwords

You really should know that storing passwords client side in a cookie is a bad idea. Encrypt and compare baby, all the way, SERVER side.