I have in my program (written in Java) a variable:
String myPassword
After compiling the code with Android Studio, I get an an android application and I would like to let other people to use it.
But I am scared: is it possible for the users to get the variable value (password) from the application?
Let's say that the password value is "myPass". Its binary is:
01101101 01111001 01010000 01100001 01110011 01110011
Will the application binary contain this sequence in it?
If you decompile your classes with javap -c -p -constants
for example you would see those Strings:
public class DeleteMe {
private static final String test = "def";
public static void main(String[] args) {
String test = "abc";
}
}
would yield(the important two lines):
private static final java.lang.String test = "def";
ldc #2 // String abc
Otherwise, storing passwords inside your app is really bad, usually people employ some sort of database where passwords are kept for example.
Also the must read about String
and char[]
for passwords.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With