Hi People

I am putting together a back office app for a local authority where the images are very sensitive, nothing bad just personal information stuff.

has anyone got any comments on the best way to secure these. I was thinking of hashing the directory name and image so no one would ever be able guess it, for instance the URL of the image would be something like


Would this be regarded as a secure method if no directory browsing is alowed?

granted once the user browses to it they would have the image in their cache but I am looking at only giving access to images to the administrators who would have the images on their computers anyway.

The only other thing I can think of is in some way serving the image back to a temporary directory or inline data which would destroy when the page closes?

Any thoughts?

Thanks in advance