> MessageDigest md = MessageDigest.getInstance("SHA-1");
> Does anyone have example code of how to decode the encrypted value from the
> code above?
The whole point of hashing passwords (with per user salt for best
results) is that if a bad guy steals the database, (s)he won't be able
to recover passwords in clear text -- hashing algorithms are thus
one-way (or in an ideal world they would be).
If you're hashing passwords, You don't "unhash" them. Just write a
testPassword(String userGivenPassword) method that hashes the string
user entered in the password field (using salt chosen based on login
s/he entered) and compares the hash to the one you have in the db.
HTH
------------------------------------------------------------------------------
Gaining the trust of online customers is vital for the success of any company
that requires sensitive data to be transmitted over the Web. Learn how to
best implement a security strategy that keeps consumers' information secure
and instills the confidence they need to proceed with transactions.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Stripes-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-users
