Sticking with V6...

This is mainly for borg but anyone else can help then great.

I've spent a lot of time customizing v6 before v7 was released and although v7 looks great I think i'll stick to v6 because it works fine for me and it would take me too long to customize the forum again.

I was wandering while you were updating the forum to v7 what obvious code changes could I make to the latest v6 to:

+ improve the speed
+ increase security
 
Also how easy is it to implement the     160bit Encryption of passwords?

Thanks.

It is easy when you use sql server. password encryption is built in with sql server. so if someone signs up you create the account with a query like the following:
strSQL = "INSERT INTO tblAuthor (Username, [Password]) Values ('"
strSQL = strSQL & Username & "', pwdencrypt('" & strPassword & "')"

I left other fields out. But this function created the password. But one thing you should change is change the field type of the password to binary.

Now when someone logs in you need to compare the clear text password that is submitted by the form with the encrypted value. You could do something like the following:
strSQL =          "Declare @LoginUser varchar(30) "
strSQL = strSQL & "Declare @EncryptedPIN varbinary(255) "
strSQL = strSQL & "Select @LoginUser = (Select Username from tblAuthor where Username = '" & strUsername & "') "
strSQL = strSQL & "Select @EncryptedPIN = (Select [Password] from tblAuthor where Username = @LoginUser) "
strSQL = strSQL & "Select @LoginUser AS Username, pwdCompare('" & strPassword & "', @EncryptedPin, 0) AS Success "
strSQL = strSQL & "FROM tblAuthor where Username = @LoginUser"

Now you just read out the value Success if it is 0 then the login failed if it is 1 it was successful. It works very well for me and you would just have to encrypt existing passwords manually using some code. Hope that helps.

well access is the opposite of secure. sure there will always be ways to improve but it's just the nature of access to be unsecure and slow.