wood burning stoves 2.0*
The moose likes General Computing and the fly likes Where to keep my passwords Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » General Computing
Bookmark "Where to keep my passwords" Watch "Where to keep my passwords" New topic

Where to keep my passwords

Matthew Roth

Joined: Jan 30, 2001
Posts: 19
I posted a topic on the ranch about where I should keep my user names and passwords. Somebody told me a properties file would be a good place. Why? Couldn't someone just open it and change the data? I'm using a message digest so I don't think they could get into the program, but they sure could mess it up, right?
My idea is to use a database with a password on it, so the only way the could access the database is if they had the source code.
Am I correct on these assumptions? Thanks
Frank Carver

Joined: Jan 07, 1999
Posts: 6920
Depending on how you set it up, a database could actually be less secure than a properties file. Most modern databases provide network connectivity by default, so for someone to attempt to hack into the database might be easier than you think.

Read about me at frankcarver.me ~ Raspberry Alpha Omega ~ Frank's Punchbarrel Blog
Matthew Roth

Joined: Jan 30, 2001
Posts: 19
Can you secure a properties file (with a password)? Or should I just encrypt it?
Thanks for the reply
Matthew Roth

Joined: Jan 30, 2001
Posts: 19
Is there a place where I can find out more about using a properties file (or using passwords) in Java? I've searched the Sun's Java website and haven't found anything really useful. Thanks
William Barnes
Ranch Hand

Joined: Mar 16, 2001
Posts: 984

Here are some:
sun site info
and another
and another

Please ignore post, I have no idea what I am talking about.
I agree. Here's the link: http://aspose.com/file-tools
subject: Where to keep my passwords
Similar Threads
Encrypted Password for Oracle JDBC
Encrypting Password in Database
custom security (authentication)
Where should I keep my passwords?
Regarding: Encryption of Password in Oracle