How Password stored in database in encrypted format? [closed]_问答_开发者

How Password stored in database in encrypted format? [closed]

开发者 https://www.devze.com 2023-02-16 12:37 出处：网络

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical andcannot be reasonably answered in its current form. For help clari

相关专题：

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 11 years ago. 开发者_运维问答

how to store password in database in encrypted format????

Don't store them encrypted, store them hashed (unless you have a very, very, very good reason why you really need them in cleartext!). Use bcrypt as hashing algorithm.

simply encrypt password before storing to database
see http://www.jasypt.org/

Do not encrypt; hash. And better hash with Salt. In Java you can use Apache DigestUtil to hash. Better hash using SHA256 algorithm.

Then when user passes his password, you hash the password match against hashed password. If the two hashes match, you got the correct password.

You can store the Hash-Value (MD5/SHA1) of the Password in your Database and compare it eachtime with the calculated Hash of the Usersinput. You will not be able to retriev the password but to rests it to a generated one which the user have to change on his next Login.

And here you have a very good article.