java - What is the best way to keep/validate user login credentials in our application -


what best way keep/validate user login credentials in web application using mysql database , jsp/servlet front end.

i have gone through couple of blogs , says not practice encrypt md5 , store user password might have collision attack. how can implement robust , secure login end use.

it subjective discussion , answere depends upon existing system :

best option hashing .

store password in hashed format(use latest hashing mechanism , java 8 has encluded 1 ) , store in db.

hash incoming password , mached hashed 1 stored in db .


Comments

Post a Comment

Popular posts from this blog

c# SetCompatibleTextRenderingDefault must be called before the first -

i tried search exception couldn't find solution on case i'am using code below invoke .net application : assembly assem = assembly.load(data); methodinfo method = assem.entrypoint; var o = activator.createinstance(method.declaringtype); method.invoke(o, null); the application invoked has form , in entrypoint of application : [stathread] static void main() { application.enablevisualstyles(); application.setcompatibletextrenderingdefault(false); //exception application.run(new form1()); } setcompatibletextrenderingdefault must called before first iwin32window object created in application. edit : assembly = assembly.load(data); methodinfo method = a.gettype().getmethod("start"); var o = activator.createinstance(method.declaringtype); method.invoke(o, null); you should create new method skips initialization...
Read more

How to prevent logback from emitting repeated "Empty watch file list. Disabling" messages -

i have logback configured logback.xml located here: http://pastebin.com/kuquekxy . every minute, see log message emitted of form: 18:26:21,486 |-info in reconfigureonchangetask(born:1478715201485) - empty watch file list. disabling why happening , how can rid of these? i can tell why happening, not how rid of them. the reconfigureonchangetask log line when doesn't have files watch. and doesn't have files watch because file in jar, , only watch files on filesystem . makes sense, because files within jar file don't change.
Read more

C#.NET Oracle.ManagedDataAccess ConfigSchema.xsd -

i'm not able find config schema file (configschema.xsd) of oracle.manageddataaccess itellisense in application configuration file. it supposed in odp.net managed driver files cannot find it... configschema.xsd xml schema file defines configuration section odp.net, managed driver. https://docs.oracle.com/cd/e48297_01/doc/win.121/e41125/installodpmd.htm after having installed oracle developer tools visual studio 2015, seems 2 schema files have been linked app.config file : oracle.dataaccess.common.configuration.section.xsd oracle.manageddataaccess.client.configuration.section.xsd both stored in : c:\program files (x86)\microsoft visual studio 14.0\xml\schemas
Read more