i want to encrypt the password and store in the database.
i extract character find ascii value of that and changed that value and stored in the database.but when i use this it wont have much security.
can anyone help me for password encryption.i m using JSP+HTML
kalaiselvi.v
0
Newbie Poster
Recommended Answers
Jump to Postuse some algorithm for encryption...like RC4 algorithm
All 4 Replies
vinod_javas
65
Practically a Posting Shark
use some algorithm for encryption...like RC4 algorithm
peter_budo
2,532
Code tags enforcer
Team Colleague
Featured Poster
You can even create your own encryption/decryption algorithm. Put all the characters which are allowed to be in username & password into array. Pickup some number for example 4 and if you get "a" in username/password replace it with "e" and you have your algorithm. But yes there is plenty algorithm online, but be aware for some of them you have to pay and secondly you need your server admin get add for you. Also you shouold use servlets not only JSP's.
tonakai
9
Junior Poster
Pickup some number for example 4 and if you get "a" in username/password replace it with "e" and you have your algorithm.
isn't it ceasar cipher :P
if you want to store passwords in db, i suggest you cryptographic hash functions
with hashing even if someone broke into your database they only see hashed-passwords...
many languages have hashing API's you can easily find them in their documentations or in the internet.
meprasobh
-3
Newbie Poster
import javax.crypto.Cipher;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import java.security.Key;
import java.security.InvalidKeyException;
public class EncriptAndDecript {
private static String algorithm = "DESede";
private static Key key = null;
private static Cipher cipher = null;
private static EncriptAndDecript obj = new EncriptAndDecript();
private EncriptAndDecript() {
try {
key = KeyGenerator.getInstance(algorithm).generateKey();
cipher = Cipher.getInstance(algorithm);
} catch (Exception e) {
}
}
public static EncriptAndDecript getInstance() {
return obj;
}
public static byte[] encrypt(String input)
throws InvalidKeyException,
BadPaddingException,
IllegalBlockSizeException {
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] inputBytes = input.getBytes();
return cipher.doFinal(inputBytes);
}
public static String getEncryptStringValue(String input) throws InvalidKeyException,
BadPaddingException,
IllegalBlockSizeException {
return new String(encrypt(input));
}
public static String decrypt(byte[] encryptionBytes)
throws InvalidKeyException,
BadPaddingException,
IllegalBlockSizeException {
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] recoveredBytes =
cipher.doFinal(encryptionBytes);
String recovered =
new String(recoveredBytes);
return recovered;
}
}
peter_budo
commented:
1. Four years too late; 2. Having zero description on what that class is supposed to do; 3. Bad handling of excecptions
-3
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.