• Post Reply Bookmark Topic Watch Topic
  • New Topic

suggest me a better way to store passwords!!  RSS feed

 
netharam ram
Ranch Hand
Posts: 202
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, I have an application that asks for admin password for changing the settings.Is it better to save this password in an encrypted manner in a file or store it in the registry.This has to be doen because the program may exit & on restart I have to check with the password set.
Happy middling with java.
Netharam.
 
Chantal Ackermann
Ranch Hand
Posts: 508
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
inside Java you could use javax.crypto.SealedObject and serialize it to disc for storage.
c
 
netharam ram
Ranch Hand
Posts: 202
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hai, can U give some code snippet of how to do this.Awaiting u'r code.
Happy Middling with java.
Netharam.
 
Sayed Ibrahim Hashimi
Ranch Hand
Posts: 148
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here is a class that uses MD5 encryption to store passwords. Bascially, the user will give you a password then you encrypt it and store the encrypted version. So when the user gives you a password later, you encrypt it and compare that with the stored encrypted password. Hope this helps. When you use MD5 encryption you have to keep in mind that this is a "one-way" algrothim, so there is no way to go from the encrypted version to the original password.

[ July 18, 2002: Message edited by: Ibrahim Hashimi ]
 
netharam ram
Ranch Hand
Posts: 202
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, Thank you for u'r kind reply at the same time sorry for disturbing u a lot for the code.I could have tried it myself, but I was stuck up & was mentally upset.
Thanks again.
Happy middling with java.
Netharam.
 
netharam ram
Ranch Hand
Posts: 202
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi I tied your code & it worked fine,but I've got another problem.I wish to display the password anytime the user requests fot it,but you'r code will not retrieve the original text.How can I solve this one?is it possible?Please reply this one too.
Happy middling with java.
Netharam.
 
Sayed Ibrahim Hashimi
Ranch Hand
Posts: 148
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you have to display the password later you cannot use this algorthim. But in most cases you dont have to know the original password.
Lets say that the user forgets his/her password, then you can email them a new one. All you have to do is set the password manually.
 
netharam ram
Ranch Hand
Posts: 202
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ya this sounds better for me.We can also supply a new password instead of retreiving it.
This is ok in the case of passwords,now I have another problem.
I also collect the name of the system which i should contact & store it in a file.I use sockets to connect to that particular system.If it is encrypted & couldn't be decrypted then how can I open the socket & enable the connection?Can u suggest me of something that would solve this?
Netharam.
Happy middling with java.
 
Sayed Ibrahim Hashimi
Ranch Hand
Posts: 148
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are going to have to look into some other algrothims, but I don't know the answer off the top of my head.
You can look through some of the classes in the java.security pacakage
http://java.sun.com/j2se/1.4/docs/api/java/security/package-frame.html
 
netharam ram
Ranch Hand
Posts: 202
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can anyone suggest me of a simple way to do it?
Netharam.
Happy Middling with java.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!