www.webdeveloper.com
Results 1 to 7 of 7

Thread: code for encrypting password

  1. #1
    Join Date
    Sep 2006
    Posts
    4

    code for encrypting password

    hello,

    Please anyone could help me with code, where i have to encrypt the user password and store it in the database.

    ie You would encrypt the password, store it in the database, and when a user tries to log-in you would encrypt the password entered and compare
    it to the one in the database.


    thanking you,
    raji

  2. #2
    Join Date
    Oct 2004
    Location
    The very depths of programming hell
    Posts
    828
    Personally, I would use MD5 to encrypt the passwords; it is a pretty standard algorithm. I used this method in my own code and it works for me:

    PHP Code:
    public static String encrypt(String s)
     {
     try
      {
      
    MessageDigest dig=MessageDigest.getInstance("MD5");
      
    byte[] message=s.getBytes();
      
    dig.update(message);
      
      
    String the_message=new String(dig.digest());
      
      return 
    the_message;
      }
     catch(
    NoSuchAlgorithmException e)
      {
      
    e.printStackTrace();
      }
     
     return 
    null;
     } 
    Remember to import java.security.MessageDigest and java.security.NoSuchAlgorithmException

    Btw I assume you're referring to an applet or a stand-alone application, I have little to no experience in JSP so I don't know how you could do this in JSP.
    >I suck at this game, can you give me some pointers?

    >> 0x278AB4FF, 0xB5822BB4, 0xAD6E673D.

    > I hate you.


  3. #3
    Join Date
    Sep 2006
    Posts
    4
    thank you for your reply. Let me try this with.

  4. #4
    Join Date
    Oct 2004
    Location
    The very depths of programming hell
    Posts
    828
    Did it work OK?
    >I suck at this game, can you give me some pointers?

    >> 0x278AB4FF, 0xB5822BB4, 0xAD6E673D.

    > I hate you.


  5. #5
    Join Date
    Sep 2006
    Posts
    4
    hello,
    actually, iam working with JSP & servlet. more over i have to save the password in encrypted form. then in the next login i have to decript it & compare the password.so working on it. any way thank you once again to give me an idea.

    thanking you

  6. #6
    Join Date
    Sep 2006
    Posts
    5
    Quote Originally Posted by ranjithakd
    hello,
    actually, iam working with JSP & servlet. more over i have to save the password in encrypted form. then in the next login i have to decript it & compare the password.so working on it. any way thank you once again to give me an idea.

    thanking you
    The way that was suggested is a pretty standard way of doing it. You don't want the password to be decrypted so you use a one way hash, ie MD5. You store the encrypted version in the database. When a user supplies a password for login, you perform the same hash and compare it with the stored value.

    Storing password information that can be decrypted is a bad practice.

  7. #7
    Join Date
    Oct 2004
    Location
    The very depths of programming hell
    Posts
    828
    Indeed, it's always best to compare encrypted passwords rather than decrypting them - if it can be decrypted so easily it's insecure. I don't know how to do the same thing in JSP, but I'd reccommend comparing encrypted passwords rather than using a decryptable method, and MD5 is probably your best bet.
    >I suck at this game, can you give me some pointers?

    >> 0x278AB4FF, 0xB5822BB4, 0xAD6E673D.

    > I hate you.


Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles