I'm working on a web application.in the login page,I have to check the user password and compare with the encrypted password stored in database. anybody can recommand some easy encryption sample to encrypt and decrypt password

Bob Lee

What you want is a one way hash rather than encryption, decryption. You store the hashed password in the database. When you get the password at login time, you hash it and compare it to the version stored in the database. There is absolutely no way to derive the real password from the persisted version.

This is very easy. Use the java.security.MessageDigest class, http://java.sun.com/j2se/1.3/docs/api/java/security/MessageDigest.html. It doesn't really matter which algorithm you choose, MD5 or SHA, but there's plenty of documents on Google comparing the two.

0 Comments  (click to add your comment)
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

About | Sitemap | Contact