File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JDBC and the fly likes Encrypting Password in Database Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC
Bookmark "Encrypting Password in Database" Watch "Encrypting Password in Database" New topic
Author

Encrypting Password in Database

Shailesh Pillai
Ranch Hand

Joined: Jan 24, 2006
Posts: 78
Hello Ranchers,
I want to encrypt the passwords that i am storing in my database. How can I achieve this?

Does anyone have the code or can anyone suggest any URL where I can get MD5 algorithm to encrypt passwords that I am storing in my database.
Jan Cumps
Bartender

Joined: Dec 20, 2006
Posts: 2477
    
    7

Originally posted by Shailesh Pillai:
Hello Ranchers,
I want to encrypt the passwords that i am storing in my database. How can I achieve this?

Does anyone have the code or can anyone suggest any URL where I can get MD5 algorithm to encrypt passwords that I am storing in my database.


The Tomcat code for RealmBase is a good reference.
http://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java

It's main() is a good starting point to see how you can get an encrypted password.

And it's authenticate(String username, String credentials) is a good starting point to see how you can do the matching.

Regards, Jan


OCUP UML fundamental and ITIL foundation
youtube channel
Kaustabh Singha Roy
Ranch Hand

Joined: Oct 04, 2005
Posts: 43
Many databases like PostgreSQL has built in functions for performing a MD5 encoding. Check your database carefully.

At http://www.jonh.net/~jonh/md5/MD5.java you will get a working implementation in java.

Enjoy.
[ February 13, 2007: Message edited by: Kaustabh Singha Roy ]
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39549
    
  27
Note that MD5 is not a cipher (an "encryption"), but a hash. Once something has been run through MD5, there is no way of getting back the original text. The best you can do is run something else through MD5, and then compare the result with the original hash. That may or may not be what you're looking for.


Ping & DNS - updated with new look and Ping home screen widget
D Rog
Ranch Hand

Joined: Feb 07, 2004
Posts: 472

Secret key based algorithms are also weak because it's difficult to keep a key safe. I use custom code based encryption which makes it not easy to break.


Retire your iPod and start with HD Android music player Kamerton | Minimal J2EE container is here | Light weight full J2EE stack | and build tool | Co-author of "Windows programming in Turbo Pascal"
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Encrypting Password in Database
 
Similar Threads
Encrypting Passwords in WebSphere
Password Encryption
To Encrypt Password before storing using hibernate
Encrypt/Decrypt Hashing method
JSP & SSL