It is not advisable to store email addresses in databases in plain text, so I would like to find out the best algorithm to do this. Options are:
(From the documentation)
CFMX_COMPAT: the algorithm used in ColdFusion MX and prior releases. This algorithm is the least secure option (default).
AES: the Advanced Encryption Standard specified by the National Institute of Standards and Technology (NIST) FIPS-197.
BLOWFISH: the Blowfish algorithm defined by Bruce Schneier.
DES: the Data Encryption Standard algorithm defined by NIST FIPS-46-3.
DESEDE: the "Triple DES" algorithm defined by NIST FIPS-46-3.
Another questions is where should the key be stored? In the database or in the source code? Will it be encrypted or not? If it will be encrypted, then the question raises of how the key that will encrypt the key be stored.
Should it be stored in the source code, will sourceless distribution be good?