Meaningless Drivel is fun!*
The moose likes Beginning Java and the fly likes how to make a password changable Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » Beginning Java
Bookmark "how to make a password changable" Watch "how to make a password changable" New topic
Author

how to make a password changable

jonelo piad
Greenhorn

Joined: Oct 01, 2012
Posts: 5
hello, i'm new to java and i want to create a program which you need to enter a username and password, but i like to make password changeable. If you knew how please post how and an example
Ashwin Sridhar
Ranch Hand

Joined: Jul 09, 2011
Posts: 272

What you mean by "changeable" ?


Ashwin Sridhar
SCJP | SCWCD | OCA
jonelo piad
Greenhorn

Joined: Oct 01, 2012
Posts: 5
changeable means if the password is 123456 the user has the option to change it
Ashwin Sridhar
Ranch Hand

Joined: Jul 09, 2011
Posts: 272

Are you looking for something like , "Change password on first login". If not please elaborate.
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 38427
    
  23
Ashwin Shridar is correct. Write down on paper how you intend to change a password. Where is the password stored? In a database or something? don’t write a single byte of code until you have worked all that out.
fred rosenberger
lowercase baba
Bartender

Joined: Oct 02, 2003
Posts: 11246
    
  16

clearly, the password is stored somewhere (ok...technically it is usually a hashed version of it). So basically, assuming the user is logged in, you simply write a method that updates the database/flatfile/whatever is storing the current value with the new one.

There isn't anything terribly complicated about it...


There are only two hard things in computer science: cache invalidation, naming things, and off-by-one errors
jonelo piad
Greenhorn

Joined: Oct 01, 2012
Posts: 5
the program have default username and password,
jonelo piad
Greenhorn

Joined: Oct 01, 2012
Posts: 5
it's in a database
Junilu Lacar
Bartender

Joined: Feb 26, 2001
Posts: 4456
    
    6

jonelo piad wrote:If you knew how please post how and an example

You may have already figured out that this kind of request doesn't get you exactly what you want here. ShowSomeEffort (←click) first: think through the problem and come up with an initial solution of your own. You can find many examples on the internet so do a SearchFirst (←click). Come back with more specific questions if you still have doubts.

Good luck.


Junilu - [How to Ask Questions] [How to Answer Questions]
Campbell Ritchie
Sheriff

Joined: Oct 13, 2005
Posts: 38427
    
  23
We don’t know offhand how to do that, but there are standard ways for writing statements and queries for databases. There are also standard ways to insert passwords into databases. As Fred implied earlier, there is usually a password() SQL function which hashes the password. You would usually have a password column in the users table, which you would fill with a default value, e.g.That should be a big enough hint about what to change.

You need to be specific about what you want to insert/change/whatever, otherwise you are liable to be given a misleading answer. Remember, “GIGO”.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1044
    
  10

Campbell Ritchie wrote: As Fred implied earlier, there is usually a password() SQL function which hashes the password. You would usually have a password column in the users table, which you would fill with a default value, e.g.That should be a big enough hint about what to change..


Frequently, the use of the SQL password() function is insecure since it usually does not use a random seed. This makes it is easy to spot two users that have the same password and for dictionary attacks. I can't speak for all databases but this certainly applies to MySQL and Oracle.
Winston Gutkowski
Bartender

Joined: Mar 17, 2011
Posts: 7677
    
  19

jonelo piad wrote:it's in a database

I most certainly hope it isn't - at least not in unencryptyed form.

Passwords, as both fred and Richard have tried to tell you, are usually stored as one-way encryptions, which is why many sites/applications will NOT send you your current password if you forget it. They will send you a new password, and force you to change it as soon as you log in.

I suggest you do the same.

Winston


Isn't it funny how there's always time and money enough to do it WRONG?
Articles by Winston can be found here
Junilu Lacar
Bartender

Joined: Feb 26, 2001
Posts: 4456
    
    6

Winston Gutkowski wrote:They will send you a new password, and force you to change it as soon as you log in.

Some sites don't force the user to change the temporary password after a password reset request. We send a time-sensitive, one-time use token that allows the user to change their password. The token is not usable as a password though. I think more sites are using this approach now.
 
jQuery in Action, 2nd edition
 
subject: how to make a password changable