• Post Reply Bookmark Topic Watch Topic
  • New Topic

Encrypt/Decrypt  RSS feed

 
Pankaj Patel
Ranch Hand
Posts: 74
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi.
Sorry if i has posted this question in wrong place.


-> I am right now storing important detail like password and many more relavant things, in a table without encyption. So can anyone suggest me the most difficult encryption/decryption program or any utility, with the help of which i can store the encrypted password and decrypt it when required.

-> And it should be difficult for developer also to decrypt.

-> I think LDAP Server is also better solution.

So does any one has perfect solution?


=================================
Thanks & Regards,
Pankaj Patel.
SCJP 1.5
=================================
Enjoy the World of Programming
=================================
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Passwords should not be encrypted, they should be hashed. A hash is a one-way transformation that is impossible to undo; MD5 is an example of a hash algorithm. You can think of it as being encrypted, but not having the key to decrypt it. The hash of the password should be stored in the database. Then, when someone tries to log in, the password the person just entered is also hashed, and compared to the one in the database. If both match the correct password was given. This method has the advantage of not needing keys for decryption, and the original passwords not being recoverable in case of security breaches.

For other pieces of data that need to be stored, and for which the cleartext needs to be available (like credit card data, or personal information), check out the JCE API, which is the standard way of en-/decrypting data in Java. You'll find some information about it and further links in the http://faq.javaranch.com/java/SecurityFaq
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!