6 Replies - 690 Views - Last Post: 20 June 2021 - 03:16 AM Rate Topic: -----

#1 Larry71   User is offline

  • D.I.C Head

Reputation: 7
  • View blog
  • Posts: 102
  • Joined: 05-June 12

Encryption and passwords in java

Posted 18 June 2021 - 01:59 PM

Hallo everyone,

I have an application, built with Eclipse. What I want to do is set a password for every single user. My first thought is based do an encryption based on the user's machine properties, such as a mac address.
What is the right way to do it, without being in danger, that any other programmer who decompiles my application, to see the way it is encrypted?
It would be nice to have a link with an example.

Thank you all.

Is This A Good Question/Topic? 0
  • +

Replies To: Encryption and passwords in java

#2 g00se   User is offline

  • D.I.C Lover
  • member icon

Reputation: 3737
  • View blog
  • Posts: 17,104
  • Joined: 20-September 08

Re: Encryption and passwords in java

Posted 19 June 2021 - 06:35 AM

You don't state your GOAL but I suspect that it is that your app have hardware-bound licensing - am I right?
Was This Post Helpful? 0
  • +
  • -

#3 Larry71   User is offline

  • D.I.C Head

Reputation: 7
  • View blog
  • Posts: 102
  • Joined: 05-June 12

Re: Encryption and passwords in java

Posted 19 June 2021 - 05:45 PM

Yes @g00se, you are right.
In general some licensing, that even if someone reads the code, cannot figure out how to retrieve the passwords.

This post has been edited by Larry71: 19 June 2021 - 05:48 PM

Was This Post Helpful? 0
  • +
  • -

#4 ndc85430   User is offline

  • I think you'll find it's "Dr"
  • member icon

Reputation: 1061
  • View blog
  • Posts: 4,073
  • Joined: 13-June 14

Re: Encryption and passwords in java

Posted 19 June 2021 - 10:59 PM

It's not clear what your application is or what its constraints are. In general, you don't store passwords (or any data that can change independently really) in the source code (why would you?). You do store passwords in a form from which the original password can't be derived though - you can look up password hashing for info here. Besides storing those hashed passwords in a database or on the file system, there are online services that will deal with some of this stuff for you (e.g. Auth0, not that I've used them).
Was This Post Helpful? 0
  • +
  • -

#5 Larry71   User is offline

  • D.I.C Head

Reputation: 7
  • View blog
  • Posts: 102
  • Joined: 05-June 12

Re: Encryption and passwords in java

Posted 20 June 2021 - 12:48 AM

View Postndc85430, on 19 June 2021 - 10:59 PM, said:

It's not clear what your application is or what its constraints are. In general, you don't store passwords (or any data that can change independently really) in the source code (why would you?). You do store passwords in a form from which the original password can't be derived though - you can look up password hashing for info here. Besides storing those hashed passwords in a database or on the file system, there are online services that will deal with some of this stuff for you (e.g. Auth0, not that I've used them).


I would rather choose the solution with hashed passwords but is it a safe solution even if someone reads your code?
A link with a tutorial would be nice, thank you.
Was This Post Helpful? 0
  • +
  • -

#6 ndc85430   User is offline

  • I think you'll find it's "Dr"
  • member icon

Reputation: 1061
  • View blog
  • Posts: 4,073
  • Joined: 13-June 14

Re: Encryption and passwords in java

Posted 20 June 2021 - 01:30 AM

The whole point of password hashing is that it's one way. What research have you done on this topic, for information about the security concerns as well as libraries, etc. to actually do it?
Was This Post Helpful? 0
  • +
  • -

#7 g00se   User is offline

  • D.I.C Lover
  • member icon

Reputation: 3737
  • View blog
  • Posts: 17,104
  • Joined: 20-September 08

Re: Encryption and passwords in java

Posted 20 June 2021 - 03:16 AM

Still unclear. For instance, passwords have nothing to do with licensing as such.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1