Member Avatar for Traps

I'm making a website and of course want to incorporate memberships and logins, etc and while I understand the theoretical application of salting and hashing a user-inputted password to save the encrypted pass in my database, I'm not sure on the approach...

What I would do is get the hashCode of the string/password and then salt it BUT that won't work as the hashCode will never be the same so it would be impossible to compare them...

So how would you actually hash a password? Have I got it all wrong and by hashing a password you don't actually mean getting the hashcode?

  • 2 Contributors
  • 2 Replies
  • 103 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by Traps
Member Avatar for NormR1

How are you going to use a java program for this project?

There are many algorithms for hashing a String. Have you researched one that looks good for you?
By hashCode are you referring to what is returned by the Object class's hashCode() method?

Member Avatar for Traps

I've already found a working solution so I'll mark this as solved, but to answer your question:

I'm making a Web App and want to store users (usernames and passwords) in my database to handle user/login-sessions but don't want to store the passes as clear text.

Yes, by hashCode I am referring to the Object.hashCode() method

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.