Re: Secure storage of passwords or credit card data

Sat, 07 Nov 2015 15:09:37 -0800 

I’m using http://www.jasypt.org <http://www.jasypt.org/>

I have a property such as encryptedPassword and then write code like this:

        public void setPassword(String newPassword) {
                BasicPasswordEncryptor passwordEncryptor = new 
BasicPasswordEncryptor();
                
setEncryptedPassword(passwordEncryptor.encryptPassword(newPassword));
        }
        
        public boolean canAuthenticateWithPassword(String password) {
                BasicPasswordEncryptor passwordEncryptor = new 
BasicPasswordEncryptor();
                try {
                        return passwordEncryptor.checkPassword(password, 
encryptedPassword());
                }
                catch (EncryptionOperationNotPossibleException e) {
                        log.error(e);
                }
                return false;
        }

Mark

> On 4 Nov 2015, at 18:29, Ray Kiddy <r...@ganymede.org> wrote:
> 
> On Wed, 04 Nov 2015 10:40:49 +0100
> Markus Ruggiero <mailingli...@kataputt.com> wrote:
> 
>> Folks,
>> 
>> another quick question: what are you using for secure storage of
>> passowords and credit card data in a Wonder app? Is there anything in
>> Wonder (probably there is, but it is not always easy to find things),
>> or are you using other things/libs/code? Any code examples?
>> 
>> Thanks for any hint / pointer /example
>> ---markus---
>> 
> 
> This is a good source of info on how to do some of these things:
> 
> https://www.owasp.org/index.php/Cheat_Sheets
> 
> See the cheat sheets on password storage, authentication, "forgot
> password", and many, many others. The ones that I have read tend to come
> with both a good explanation and code examples.
> 
> cheers - ray
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (Webobjects-dev@lists.apple.com)
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/webobjects-dev/mark%40wardle.org
> 
> This email sent to m...@wardle.org


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (Webobjects-dev@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Reply via email to