File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JDBC and Relational Databases and the fly likes How to store  userName and password in Database? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Head First Android this week in the Android forum!
JavaRanch » Java Forums » Databases » JDBC and Relational Databases
Bookmark "How to store  userName and password in Database?" Watch "How to store  userName and password in Database?" New topic
Author

How to store userName and password in Database?

narender kaasam
Greenhorn

Joined: May 15, 2006
Posts: 28
Hi Any one could you tell me how to store "username" , "password" in database?I mean if we store directly as text then there is no security for "username" and "password" ?
Masoud Kalali
Author
Ranch Hand

Joined: Jul 08, 2004
Posts: 531

best practice is to encrypt the user name and pasword or at least the passwords .
it will protect your users sensetive data in case of any database bridge , many net users use a unified username and password for all places that they register..


Masoud Kalali
Software Engineer - My Weblog - GlassFish Security
Scott Selikoff
author
Saloon Keeper

Joined: Oct 23, 2005
Posts: 3740
    
  10

One way to store it such that a user cannot just go into the database and edit it is to use the 'RAW' type.

Although, real encryption often requires an encryption module of some kind. Some Application Servers provide such tools for you whereas others you need to write yourself. Even if you have to write something yourself, at the most it should be a helper method into a certificate. If you start inventing your own encryption/decryption algorithm you've gone too far.


[OCA 8 Book] [Blog]
 
jQuery in Action, 3rd edition
 
subject: How to store userName and password in Database?
 
It's not a secret anymore!