tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bob Krause" <BKra...@tickets.com>
Subject RE: Password encryption
Date Thu, 05 Oct 2000 13:15:21 GMT
Hello,

 Blowfish encryption is quite useful and is freely available on the Net if
you do a search and there is a reference implementation for it in the JCE.

Bob K

-----Original Message-----
From: Alistair Hopkins [mailto:alistair@berthengron.co.uk]
Sent: Thursday, October 05, 2000 8:04 AM
To: tomcat-user@jakarta.apache.org
Subject: Password encryption


Slightly off subject...

I'm storing passwords for the site in my db.

I'd like to encrypt them before writing to the db and after reading, so
they're not stored on disk in plain text.

Can anyone recommend a simple java one-hit encryption method that will
protect them from casual pinching?  Something like unix crypt, I guess.

I don't want/haven't the spare processing power to learn up on the javax
ssl package, as if anybody malicious is in my database it's not really
going to help much anyway...

Thanks,
Alistair.


Mime
View raw message