[jboss-user] [Beginner's Corner] - Storing the hashed password in database

Discussion:

harikris

2013-01-04 00:06:33 UTC

harikris [https://community.jboss.org/people/harikris] created the discussion

"Storing the hashed password in database"

To view the discussion, visit: https://community.jboss.org/message/787428#787428

--------------------------------------------------------------
Hi All,

I would like to know how to save store sensitive information such as passwords and credit card information in the database in the JBOSS AS server context.

For passwords, i read that the best thing to do is to hash the password and store the hash. But i have no clue on how to do this. Can you give me some pointers or a code example to realize this in the JBOSS context?

Will hashing and storing the hash technique be sufficient for storing credit card or payment method as well?

Thanks in advance.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/787428#787428]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

Josiah Haswell

2013-01-10 03:34:31 UTC

Permalink

Josiah Haswell [https://community.jboss.org/people/haswellj] created the discussion

"Re: Storing the hashed password in database"

To view the discussion, visit: https://community.jboss.org/message/789974#789974

--------------------------------------------------------------
You can find http://stackoverflow.com/questions/2860943/suggestions-for-library-to-hash-passwords-in-java quite a few posts on Google about how to hash a password.Â As for how to store it, once you've salted and hashed it, insert it into the database as a string.Â ORMs like Hibernate or EclipseLink will allow you to do this in a database-independent fashion.

Best!

Joe
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/789974#789974]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

harikris

2013-01-17 15:35:55 UTC

Permalink

harikris [https://community.jboss.org/people/harikris] created the discussion

"Re: Storing the hashed password in database"

To view the discussion, visit: https://community.jboss.org/message/792633#792633

--------------------------------------------------------------
Thanks @Josian
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/792633#792633]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

Robert Dalgleish

2013-01-19 22:44:33 UTC

Permalink

Robert Dalgleish [https://community.jboss.org/people/bobdalgleish] created the discussion

"Re: Storing the hashed password in database"

To view the discussion, visit: https://community.jboss.org/message/793041#793041

--------------------------------------------------------------
I strongly recommend against storing credit card information in your database without a substantial business and security review. Start by searching for payment card industry data security standards (PCI DSS).
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/793041#793041]

Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]