Hide Password Content in Source Code

Question

Does anyone know how to hide the password contents in the source code of a j2me program? i.e. so people cannot see "DBT" as password who read the source code.

public void validateUser(String user, String Password) {     
  if (user.equals("N0203251") && Password.equals("DBT")) {
    switchDisplayable(null, getContinue());
  }
}

Answer 1

As other have said. Store the hash, though you still need to use a strong password or an automated guesser will find the one you're using.

But, be warned:

If your attacker has access to the source code he/she/it can alter the stored password hash or just remove the password check.

So this method is of little use unless you can verify the integrity of the code being run, which is hard.