According to at least one source, passwords should not be stored as strings in Java since they are immutable and could be readable from memory later even if the reference is nulled. So I was wondering how PasswordTextBox maintains its value under the hood? I know that getText() returns a string but is it coming from an instance variable maintained on the class? If so I was thinking of writing my own class that uses a keypress event handler to maintain a char array which is more secure since it can be nulled out.
Just curious what anyone else's thoughts are on this. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
