Both of these replies are good, but what you really want to do is MD5 or SHA encode the password and store the hashed result. Then when the user enters their password, you apply the same algorithm to that, and compare the results. Advantage is that you never store the user's password so even if someone get's the list of passwords, they can't decode them -- in theory no-one ever can.
Clayton -----Original Message----- From: A mailing list about Java Server Pages specification and reference [mailto:[EMAIL PROTECTED]] On Behalf Of Bhushan_Bhangale Sent: 04 July 2002 09:48 To: [EMAIL PROTECTED] Subject: Re: Password encryption Enjoy!!! following are the two classess for encrypting and decrypting. Define a key(write anything abc342d) in key.txt. Data which needs to be encrypted in data.txt. the encrypted data will be written in encrypted.txt when you will run the program. Same for decryption. You can modify the classes if you data is coming from somewhere and going somewhere instead of .txt files. //EncryptUser.java import java.io.FileInputStream; import java.io.FileOutputStream; import java.security.Key; import javax.crypto.Cipher; import javax.crypto.CipherInputStream; import javax.crypto.spec.SecretKeySpec; public class EncryptUser { public static void main(String[] args) { try { FileInputStream fiskey = new FileInputStream("key.txt"); byte[] byteData = new byte[8]; fiskey.read(byteData); fiskey.close(); SecretKeySpec secretKey = new SecretKeySpec(byteData, "DES"); Key mykey = secretKey; // initialize the Cipher objects Cipher cipher = Cipher.getInstance("DES", "SunJCE"); cipher.init(Cipher.ENCRYPT_MODE, mykey); // creating the encrypting cipher stream FileInputStream fis = new FileInputStream("data.txt"); CipherInputStream cis = new CipherInputStream(fis, cipher); // writing the encrypted data to output file FileOutputStream fos = new FileOutputStream("encrypted.txt"); byteData = new byte[1024]; int intValue = 0; while ((intValue = cis.read(byteData)) != -1) { fos.write(byteData, 0, intValue); } fis.close(); fos.close(); cis.close(); } catch (Exception exp) { exp.printStackTrace(); } } } //DecryptUser.java import java.io.FileInputStream; import java.io.FileOutputStream; import java.security.Key; import javax.crypto.Cipher; import javax.crypto.CipherInputStream; import javax.crypto.spec.SecretKeySpec; public class DecryptUser { public static void main(String[] args) { try { FileInputStream fiskey = new FileInputStream("key.txt"); byte[] byteData = new byte[8]; fiskey.read(byteData); fiskey.close(); SecretKeySpec secretKey = new SecretKeySpec(byteData, "DES"); Key mykey = secretKey; // initialize the Cipher objects Cipher cipher = Cipher.getInstance("DES", "SunJCE"); cipher.init(Cipher.DECRYPT_MODE, mykey); // creating the encrypting cipher stream FileInputStream fis = new FileInputStream("encrypted.txt"); CipherInputStream cis = new CipherInputStream(fis, cipher); // writing the encrypted data to output file FileOutputStream fos = new FileOutputStream("decrypted.txt"); byteData = new byte[1024]; int intValue = 0; while ((intValue = cis.read(byteData)) != -1) { fos.write(byteData, 0, intValue); } fos.close(); cis.close(); } catch (Exception exp) { exp.printStackTrace(); } } } -----Original Message----- From: srinivas tadikonda [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 04, 2002 2:08 PM To: [EMAIL PROTECTED] Subject: Password encryption Hi, How can I do password encryption and decryption. Please sned code for encryption and decryption. Regards Srinivas MSN Photos is the easiest way to share and print your photos: Click Here ======================================================================== === To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com ========================= To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com =========================================================================== To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant FAQs on JSP/Servlets can be found at: http://archives.java.sun.com/jsp-interest.html http://java.sun.com/products/jsp/faq.html http://www.esperanto.org.nz/jsp/jspfaq.jsp http://www.jguru.com/faq/index.jsp http://www.jspinsider.com
