• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how to make a password changable

 
jonelo piad
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hello, i'm new to java and i want to create a program which you need to enter a username and password, but i like to make password changeable. If you knew how please post how and an example
 
Ashwin Sridhar
Ranch Hand
Posts: 277
Flex Oracle Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What you mean by "changeable" ?
 
jonelo piad
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
changeable means if the password is 123456 the user has the option to change it
 
Ashwin Sridhar
Ranch Hand
Posts: 277
Flex Oracle Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Are you looking for something like , "Change password on first login". If not please elaborate.
 
Campbell Ritchie
Sheriff
Pie
Posts: 49367
62
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ashwin Shridar is correct. Write down on paper how you intend to change a password. Where is the password stored? In a database or something? don’t write a single byte of code until you have worked all that out.
 
fred rosenberger
lowercase baba
Bartender
Posts: 12143
30
Chrome Java Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
clearly, the password is stored somewhere (ok...technically it is usually a hashed version of it). So basically, assuming the user is logged in, you simply write a method that updates the database/flatfile/whatever is storing the current value with the new one.

There isn't anything terribly complicated about it...
 
jonelo piad
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
the program have default username and password,
 
jonelo piad
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
it's in a database
 
Junilu Lacar
Bartender
Posts: 7480
50
Android Eclipse IDE IntelliJ IDE Java Linux Mac Scala Spring Ubuntu
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
jonelo piad wrote:If you knew how please post how and an example

You may have already figured out that this kind of request doesn't get you exactly what you want here. ShowSomeEffort (←click) first: think through the problem and come up with an initial solution of your own. You can find many examples on the internet so do a SearchFirst (←click). Come back with more specific questions if you still have doubts.

Good luck.
 
Campbell Ritchie
Sheriff
Pie
Posts: 49367
62
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
We don’t know offhand how to do that, but there are standard ways for writing statements and queries for databases. There are also standard ways to insert passwords into databases. As Fred implied earlier, there is usually a password() SQL function which hashes the password. You would usually have a password column in the users table, which you would fill with a default value, e.g.That should be a big enough hint about what to change.

You need to be specific about what you want to insert/change/whatever, otherwise you are liable to be given a misleading answer. Remember, “GIGO”.
 
Richard Tookey
Bartender
Posts: 1166
17
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Campbell Ritchie wrote: As Fred implied earlier, there is usually a password() SQL function which hashes the password. You would usually have a password column in the users table, which you would fill with a default value, e.g.That should be a big enough hint about what to change..


Frequently, the use of the SQL password() function is insecure since it usually does not use a random seed. This makes it is easy to spot two users that have the same password and for dictionary attacks. I can't speak for all databases but this certainly applies to MySQL and Oracle.
 
Winston Gutkowski
Bartender
Pie
Posts: 10422
63
Eclipse IDE Hibernate Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
jonelo piad wrote:it's in a database

I most certainly hope it isn't - at least not in unencryptyed form.

Passwords, as both fred and Richard have tried to tell you, are usually stored as one-way encryptions, which is why many sites/applications will NOT send you your current password if you forget it. They will send you a new password, and force you to change it as soon as you log in.

I suggest you do the same.

Winston
 
Junilu Lacar
Bartender
Posts: 7480
50
Android Eclipse IDE IntelliJ IDE Java Linux Mac Scala Spring Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Winston Gutkowski wrote:They will send you a new password, and force you to change it as soon as you log in.

Some sites don't force the user to change the temporary password after a password reset request. We send a time-sensitive, one-time use token that allows the user to change their password. The token is not usable as a password though. I think more sites are using this approach now.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic