Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

mysql encrypt()

 
Peter Straw
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
We have to use the mysql encrypt() function to store passwords in a database. Does anybody know how to use java to verify if a password submitted by a user matches the mySQL encrypted password in the database please?
Many thanks.
 
Sainudheen Mydeen
Ranch Hand
Posts: 218
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you have a method in mysql to compare a value with an encrypted value column of your table, you can use the same method in SQL statement of your JDBC code. JDBC API simply passes SQL to the database.
-Sainudheen
 
Peter Straw
Ranch Hand
Posts: 79
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
yes thanks, but it seems that every time the mysql encrypt( )function is called it returns something different. For example
select encrypt("password");
run several times will return a different value each time.
 
Gregg Bolinger
Ranch Hand
Posts: 15304
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I would suggest using the MD5 function in MySQL to store the passwords. This ensures a standard hash for any 3rd party app that must authenticate to the database somehow.
Usage of the MD5 function can be found here
When you use the encrypt function, it is using the same thing as the UNIX crypt command which requires a "salt" to be given to the algorithm. The salt is not required, so when you don't provide the "salt" I think MySQL randomly chooses one for you. So that is probably why it is different everytime.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic