This week's book giveaway is in the Programmer Certification forum. We're giving away four copies of OCP Oracle Certified Professional Java SE 21 Developer Study Guide: Exam 1Z0-830 and have Jeanne Boyarsky & Scott Selikoff on-line! See this thread for details.
Hi Any one could you tell me how to store "username" , "password" in database?I mean if we store directly as text then there is no security for "username" and "password" ?
best practice is to encrypt the user name and pasword or at least the passwords . it will protect your users sensetive data in case of any database bridge , many net users use a unified username and password for all places that they register..
One way to store it such that a user cannot just go into the database and edit it is to use the 'RAW' type.
Although, real encryption often requires an encryption module of some kind. Some Application Servers provide such tools for you whereas others you need to write yourself. Even if you have to write something yourself, at the most it should be a helper method into a certificate. If you start inventing your own encryption/decryption algorithm you've gone too far.