Menu
I am search java framework to manage passwords in my project like controlling password strength and encrypting password and any other features.
Do you have any recommendations?
403
Currently, the most secure way to store passwords is using Password Based Encryption (PBE), which provides functions (called Key Derivation Functions (KDFs)) that will convert low entropy user passwords into random, unpredictable, and most importantly one-way, irreversible bytes of data.
Password hashing algorithms convert a plain text password into a string of data you can safely store in a database that can never be reversed (you can transform a plain text password into a hash, but it's impossible to transform a hash into a password, hence the name “one way” function).
Hardcoded Passwords, also often referred to as Embedded Credentials, are plain text passwords or other secrets in source code. Password hardcoding refers to the practice of embedding plain text (non-encrypted) passwords and other secrets (SSH Keys, DevOps secrets, etc.) into the source code.
http://download.java.net/jdk6/beta2/docs/technotes/guides/security/crypto/CryptoSpec.html
http://www.bouncycastle.org/
http://code.google.com/p/keyczar/
(keyczar is the simplest)
cheers
daniel
127
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
