Store the password as an MD5 (or SHA1) hash of the password -- when you get
the password, simply hash it and compare the hashes -- this way you get not
to care if anyone reads your password file since they cannot get the
passwords from the Hash.
Clayton
-----Original Message-----
From: A mailing list about Java Server Pages specification and reference
[mailto:[EMAIL PROTECTED]]On Behalf Of Chandini Paterson
Sent: 12 June 2001 11:51
To: [EMAIL PROTECTED]
Subject: Security question
Hi,
I am looking at various ways of creating secure web pages. What is the
option you mostly use. How do you store username and password info, (in
files or databases?). How do you ensure that the file is safe and cannot be
read by one and all, if you opt for the file option that is.
If anybody could please explain or else point me in the right direction.
Thanks,
Chandini Paterson
www.geocities.com/chandinib
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
