I am storing password in encrypted form in mysql. Now when the user logsin back, I am retrieving those values from the table and comparing those values with the encrypted value of the password of the user who is trying to login but the problem is that I am getting different values from my tables.
I have used rs.getString ("password") where password is the field name.
This value is in the table ���7�����]�����7vg� But the retrieved value is ???7???]???7vg?
Quote: "The BINARY and VARBINARY types are similar to CHAR and VARCHAR, except that they contain binary strings rather than non-binary strings. That is, they contain byte strings rather than character strings. This means that they have no character set, and sorting and comparison is based on the numeric values of the bytes in column values."
A couple points. 1. A agree with the previous posts about binary != text. 2. For things like passwords, you can use a one-way *digest* (MessageDigest) instead of an encryption because there is usually no need to decrypt passwords -- it's enough to digest what the user types in and then compare it to the original digested password. 3. It's a good idea not to store *just* the password, either encrypted or digested. That is because jim could notice that both he and sally have the same stored value in the password column, therefore he and sally must have the same password! I usually combine the password and username when digesting.
There is no emoticon for what I am feeling!
The harder I work, the luckier I get. -Sam Goldwyn So tiny. - this ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop