java - What is the best way to keep/validate user login credentials in our application -


what best way keep/validate user login credentials in web application using mysql database , jsp/servlet front end.

i have gone through couple of blogs , says not practice encrypt md5 , store user password might have collision attack. how can implement robust , secure login end use.

it subjective discussion , answere depends upon existing system :

best option hashing .

store password in hashed format(use latest hashing mechanism , java 8 has encluded 1 ) , store in db.

hash incoming password , mached hashed 1 stored in db .


Comments

Popular posts from this blog

c# SetCompatibleTextRenderingDefault must be called before the first -

How to prevent logback from emitting repeated "Empty watch file list. Disabling" messages -

C#.NET Oracle.ManagedDataAccess ConfigSchema.xsd -