If its really necessary for you to retrieve the password, you may consider using an encoding algorithm like Base64. PHP natively supports it through base64_encode() and base64_decode(). For Java, you will have to use a freely available Base64 Implementation(Just Google for it).
Originally posted by Henry Wong:
If you want to encrypt the password, and later be able to retrieve the password, you need to actually encrypt it. Take a look at the javax.crypto.Cipher class -- which supports a large set of encryption and decryption algorithms.
I have never, in over 30 years of programming, needed to retrieve the password. Just tell the user "you can't retrieve it, but will gladly reset it to xyzzy". Then use a HMAC
If you hard code it into your Java source, then anyone with access to the source has the key. If you keep it in a file/property on the disk, anyone with access to the disk has access to the key.
Its a non-trivial problem, and all solutions have serious security or sysadmin risks.
Actually no. Base64 is *not* an encyption algorithm.
you may consider using an encoding algorithm like Base64.