File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Java in General and the fly likes howto encrypt and decrypt password ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "howto encrypt and decrypt password ?" Watch "howto encrypt and decrypt password ?" New topic
Author

howto encrypt and decrypt password ?

Nakata kokuyo
Ranch Hand

Joined: Apr 13, 2005
Posts: 438
hi good day, if i'm using following to encrypt password, how to i compare with encrypted password

say i'm using following method to encrypt


and insert into database table



but howto i descrypt back the encrypted password ?

thank you
Tim LeMaster
Ranch Hand

Joined: Aug 31, 2006
Posts: 226
You don't - SHA-1 and things like it are one-way hashes. The way you test if an incoming password matches is to do SHA-1 against the incoming password and see if the hashes match.

That way your passwords aren't recoverable if someone compromises your password file/database.

You should also read up on SHA-1 attack methods, there exists a method for producing SHA-1 collisions fairly quickly.
[ October 03, 2006: Message edited by: Tim LeMaster ]
Cameron Wallace McKenzie
author and cow tipper
Saloon Keeper

Joined: Aug 26, 2006
Posts: 4968
    
    1

hash them both, and compare.

-Cameron McKenzie
Nakata kokuyo
Ranch Hand

Joined: Apr 13, 2005
Posts: 438
thanks for reply, is there an algorithm can use for encrypt and decrypt(2 ways) password? i actually just need to avoid user read the password directly, any sample will highly appreciated , thank you
Tim LeMaster
Ranch Hand

Joined: Aug 31, 2006
Posts: 226
Sure there is you need to look at Crypto not MessageDigest.

However do you need to be able to recover the password? This generally is a bad idea, you can provide a way to reset it, not get the existing one.
[ October 03, 2006: Message edited by: Tim LeMaster ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: howto encrypt and decrypt password ?