本文介绍了如何在数据库中存储加密的密码?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我试图在JSP和Servlets的帮助下以密码形式将密码存储到数据库中。
I am trying to store the password into the database in the encrypted form with the help of JSP and Servlets. How I can do that?
推荐答案
自写算法是一种安全风险,维护起来很痛苦。
MD5是。
Self-written algorithms are a security risk, and painful to maintain.
MD5 is not secure.
使用由(open)提供的bcrypt算法源码):
Use the bcrypt algorithm, provided by jBcrypt (open source):
// Hash a password
String hashed = BCrypt.hashpw(password, BCrypt.gensalt());
// Check that an unencrypted password matches or not
if (BCrypt.checkpw(candidate, hashed))
System.out.println("It matches");
else
System.out.println("It does not match");
如果使用Maven,您可以通过在pom.xml中插入以下依赖关系来获取库(如果有较新版本可用,请与我联系):
If you use Maven, you can get the library by inserting the following dependency in your pom.xml (if a newer version is available please let me know):
<dependency>
<groupId>de.svenkubiak</groupId>
<artifactId>jBCrypt</artifactId>
<version>0.4.1</version>
</dependency>
这篇关于如何在数据库中存储加密的密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!