Dwayne Barsotta wrote:No to my actual problem. Encryption of the users password. I know I can encrypt the data in the database itself but will the retrieved data be in usable form when returned back to me or will I have to run it through some decrypter? This is not really effective. What I would rather do is encrypt the password into the database. Can this be done? Just encrypt one element of a database? Also when I retrieve the password to compare it to the one used to log in with. Will the retrieved password be readable by my application? If not how would you recommend this? I was thinking if the retrieved password comes back encrypted, then I might have to add a tuple to a table for storing "attempted login passwords" in a table that is encrypted. Then I can retrieve both the encrypted passwords and see if they are both correct.
Does anyone have any insite into this? I really don't need to encrypt all the data in the database. I want to be able to access the database using squirrelSQL later. If the data is encrypted then I won't be able to read the data.
A last option is to include an encryption routine in java code. Run the password though this, then store the result in the database. Then I could run the "login" password through the same process and compare the result to the password stored in the database?
I just want to implement a user/pass system to keep other techs that have login credentials from snooping at other techs.