Hi Tim,
We were faced with a similar dilemma in our app. This is finally what we did :
1. We used MD5 hash to encrypt the password and insert it into the DB.
2. On login user entered password is hashed and matched with the password in the
DB.
3. If user forgets his/her password and performs a
I did some quick research on this recently.
I struggled between choosing any of the following:
1. encode/decode password using Java
2. encode/decode password using database specific methods
3. hashing the password
After doing quite a bit of research on the 'net (java.sun.com mostly), I
decided
For Password encryption (which is one way, you can never get back the original
password, given the encrypted string), there's one
called JCrypt.
For more info. see:
http://www.dynamic.net.au/christos/crypt/Password.txt
--aamir
-Original Message-
From: Andrew H. Peterson
Many database have their own extensions for encryption, or one-way
hashing, used for things like password storage. That's probably the best
choice you could make.
Bryan
On Thu, 2002-03-07 at 19:36, Andrew H. Peterson wrote:
Is there a struts preferred method of handling
4 matches
Mail list logo