On 8 July 2013 23:05, Roger L. Whitcomb <roger.whitc...@actian.com> wrote: > I had a thought that it would be more secure to pass password data > around in VFS as byte arrays instead of String objects so they could > less easily be found by memory dumpers/scanners. This would apply (for > instance) to GenericFileName constructor and access methods, etc. > Obviously, at some point, you have to convert to String (like in > "GenericFileName.appendCredentials"), but it seems like at least some > level of obfuscation, as in storing the data as bytes might be useful to > increase security.
Another reason for using bytes is that the array can be zeroed out - or replaced with fake password to fool hackers ;-) - once it has been used. This is not possible with immutable strings. > > > Thoughts? Thanks. > > > > ~Roger Whitcomb > > Apache Pivot PMC Chair > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
