Help Username/Password?

Question

Scicluna 0 Newbie Poster

13 Years Ago

Hello! I am trying to create a simple register/log in menu which allows users to enter the system using that username and password. I have already created the 'Register' section but I have difficulty linking it with the Username and Password in the 'Log in' section. Do I have to create a database which stores Usernames and Passwords in order to do so? Thanks in advance.

import java.util.*;
public class Menu {
	public static void main (String[] args){
		Random generator = new Random();
		Scanner sc = new Scanner(System.in);
		char[] Email, Username, Password, pass1, user1;
		String Name, Surname, Ans;
		int age, sqchoice, choice;

			System.out.println("Welcome!");
			System.out.println("\n[1] Register");
			System.out.println("[2] Log in");
			System.out.println("[3] Forgot Password/Username");
			System.out.println("[4] Quit");
			System.out.print("\nEnter your choice: ");
			choice = sc.nextInt();
			switch(choice){
				case 1:
					System.out.println("\nKindly enter information below:");
					System.out.print("\nName: ");
					Name = sc.next();
					System.out.print("Surname: ");
					Surname = sc.next();
					System.out.print("Age: ");
					age = sc.nextInt();
					System.out.print("Email Address: ");
					String input = sc.next();
					Email = input.toCharArray();
					System.out.print("Username: ");
					String input1 = sc.next();
					Username = input1.toCharArray();
					System.out.print("Password: ");
					String input2 = sc.next();
					Password = input2.toCharArray();
					System.out.println("\nSecurity Questions: ");
					System.out.println("[1] What was your childhood nickname?");
					System.out.println("[2] What is the name of your favorite childhood friend?");
					System.out.println("[3] What is your maternal grandmother's maiden name?");
					System.out.println("[4] What is your oldest cousin's first and last name?");
					System.out.print("\nEnter your choice: ");
					sqchoice = sc.nextInt();
					System.out.print("\nAnswer: ");
					Ans = sc.next();
					int number = generator.nextInt(1000000) + 1;
					System.out.println("\nYour Unique Number: "+number);
				case 2:
					System.out.print("\nUsername: ");
					String input3 = sc.next();
					user1 = input3.toCharArray();
					System.out.print("Password: ");
					String input4 = sc.next();
					pass1 = input4.toCharArray();
					if ((Username=user1) && (Password=pass1)){
						System.out.print("WIN");
					}else{
						System.out.print("FAIL");
					}

				break;


			}
		}
	}

java

Edited 13 Years Ago by Scicluna because: n/a

8 Contributors
15 Replies
441 Views
3 Days Discussion Span
Latest Post 13 Years Ago Latest Post by Tellalca

Majestics 84 Posting Pro

13 Years Ago

Yes, u require a user table in database to handle this thing. Try Oracle or access according to your requirement. Or make ur own file which store username and password and encrypt it.

stultuske 1,116 Posting Maven

13 Years Ago

not necessarily, worst (but easiest) approach would be to have your username and password hardcoded in your code.
a better way would be to put them in files, which you can read (and maybe write) from within your application, but yes, using a database is very common approach. a nice part of that, is that you can protect your database with a password.
since you won't want every single user to know the administrator password of this database, you 'll propably have this hardcoded in one of your classes that take care of the connection, or in a properties file used by that class.

hfx642

13 Years Ago

You CAN use a database, but if you don't really need a database, don't bother.
Just use a binary file (record, structure, many different names).

Majestics 84 Posting Pro

13 Years Ago

If you have limited user and they wont change then use hard code

switch(username)
{
case user1: checkpassword(username);
case user2: checkpassword(username);
default: User Doesnt exit;
}

checkpassword(username); //User Function for checking password

boolean checkpassword(username)
{
if password matches according to username then
true
else 
false
}

If you want to use oracle or ms access for storing password then u must have concept of databases

You can also use binary file to store all username and password and fetch then from file and use them.

File and database will provide password change facility and adding and removing user facility. For large number of user database is preferable , while for small binary file is Ok.

Edited 13 Years Ago by Majestics because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Scicluna 0 Newbie Poster · Answer 1 · 2011-08-11T03:58:42+00:00

What is the most efficient method to use in this case? Can someone refer me to another thread or tackle the problem with me please? I'm relatively new to Java, and I have to create a program for my school project. Thanks for the support.

Vaspar 0 Light Poster · Answer 2 · 2011-08-12T19:15:52+00:00

JTextField _user;
JPasswordField _pass;



Connection con = DriverManager.getConnection("jdbc:odbc:Driver={Microsoft Access Driver (*.mdb)};DBQ=C:/Database.mdb","","");
Statement stmt = con.createStatement();
String user = _user.getText();
char pass[] = _pass.getPassword();
boolean status = false;
String sql = "SELECT * FROM Users Where User ='"+user + "'";
ResultSet rs = stmt.executeQuery(sql);
while(rs.next()){
if (rs.getString(1).equals(user) && rs.getString(2).equals(pass.toString()))
{
status=true;
}
}

if(status){
System.out.println("User Found");
}
else{
System.out.println("Not Found");
}

Vaspar 0 Light Poster · Answer 3 · 2011-08-12T19:16:15+00:00

I hope this will help ya

Make a Database File in MS Access of User accounts

JamesCherrill 4,733 Most Valuable Poster Team Colleague Featured Poster · Answer 4 · 2011-08-12T23:05:16+00:00

Short version:
Storing passwords in plain text, regardless of database vs file etc is a no-no; it's just too vulnerable to exposure.
A normal practice is to create the password, get its MD5 digest (easy in Java, just Google it) and store that instead. When the user next enters a password you perform the same digest and check that against the stored value. The password itself is never stored, so the database/file isn't a security vulnerability.

Longer version:
Do as above, but before getting the MD5 digest append the user name and your application name to the password. That way, even if the password is a really well-known one, the MD5 digest will still be an unrecognisable value.

JamesCherrill 4,733 Most Valuable Poster Team Colleague Featured Poster · Answer 5 · 2011-08-12T23:08:03+00:00

switch(username)

Congratulations. You are the winner of a special DaniWeb *back to the future" award for being the first person to post code that will only run an Java 7 or later.

Majestics 84 Posting Pro · Answer 6 · 2011-08-13T00:30:53+00:00

I just posted algorithem explaining the method... I have already recieved too many negative points on writing whole code, so i m only pointing the algo. :)

stultuske 1,116 Posting Maven Featured Poster · Answer 7 · 2011-08-13T13:33:54+00:00

I just posted algorithem explaining the method... I have already recieved too many negative points on writing whole code, so i m only pointing the algo. :)

yes, but using a switch with a String as check, will not work unless using Java 7 (or later).

Since most people haven't upgraded to that yet, especially those that just are making a project for school.

question for the OP:
what have you learned yet? if it's a small task for school, and you haven't seen database connection yet, I assume your teacher won't expect you to use it. could you be a bit more precise of what you have seen, so we may deduct from that what techniques your teacher might expect?

JamesCherrill 4,733 Most Valuable Poster Team Colleague Featured Poster · Answer 8 · 2011-08-13T14:48:36+00:00

I just posted algorithem explaining the method... I have already recieved too many negative points on writing whole code, so i m only pointing the algo. :)

Hi Majestics. Don't worry, I was just having a little joke around the fact that the long-awaited switch on a String has finally been released, but nobody is likely to have it yet. Certainly no negative points from me...
:)
J

sathya88 0 Junior Poster in Training · Answer 9 · 2011-08-13T16:22:11+00:00

chararacter arrays comparison:

if ((Username=user1) && (Password=pass1))//wrong

if char[] a1,a2;

Arrays.equals(a1,a2)// it return a boolean value

if ((Arrays.equals(Username,user1)) && (Arrays.equals(Password,pass1)))

JamesCherrill 4,733 Most Valuable Poster Team Colleague Featured Poster · Answer 10 · 2011-08-13T16:29:16+00:00

JamesCherrill 4,733 Most Valuable Poster

13 Years Ago

nevermind

Edited 13 Years Ago by JamesCherrill because: n/a

Tellalca 19 Posting Whiz in Training · Answer 11 · 2011-08-13T19:03:11+00:00

If your application is small you can put your usernames and passwords into a encrypted binary file.

Do not forget to encrypt usernames and passwords with different algorithms or it would be easier to hack your application by knowing a username and its encrypted version.