The idea behind securing any site is prevent access from anyone who does not
have access to the proper credentials to access the site
you should store the salt in the database if and only if you want to provide
dbas the ability to encrypt/decrypt your password
otherwise store the salt elsewher
On Wed, May 8, 2013 at 3:06 AM, Tania Marinova wrote:
>
> I store the hashed password but also the salt in a separate column (because
> I should hash then the plain text password with the same same hash)
>
IMHO you are not doing this correctly, you want to store the result of
the salt + hash, ie
yes, the null point exception is in these rows
if((pwcb.getIdentifier().equals("bob")) &&
(passwordforchecking.equals(pasandsalt[0])) )
and
passwordforchecking =
hash(pwcb.getPassword(),Base64.decodeBase64(pasandsalt[1]));
But the problem that dr
On Wed, May 8, 2013 at 8:34 AM, Tania Marinova wrote:
> yes, the null point exception is in these rows
>
> if((pwcb.getIdentifier().equals("bob")) &&
> (passwordforchecking.equals(pasandsalt[0])) )
>
>
> and
>
> passwordforchecking =
> hash(pwcb.getPassword(),Base64.
First thank you robert for everything; You really help me a lot and I want to
appologise for taking your time
2. I finally decided to try this-
if(pwcb.getPassword()==null)
{
try {
throw new Exception ("getPassw
