Store Password Field in Encryption Form Using MySQL and Hibernate

Question

I am using Spring, Hibernate for developing my application. And as DB side, I have MySQL. I have an User table and that has password field of varchar type.

Now, when a new user is created, I just want store password field in an encrypted form. Is there any facility provided by Hibernate to do so? Or is there any other way?

One advice: NEVER store a password anywhere. Store a hash of the password instead. — Ferenc Deak, Nov 26 '09 at 11:53

score 4 · Answer 1 · edited May 23 '17 at 10:34

4

You might want to take a look at this thread which provides good answers for the same question:

Password encryption with Spring/Hibernate - Jasypt or something else?

In short, using a one-way hashing algorithm with salt to encrypt the password is the de-facto way of doing this.

edited May 23 '17 at 10:34

Community

1
1

answered Nov 26 '09 at 12:12

Olly

7,492
8
48
59

score 0 · Accepted Answer · answered Jun 30 '10 at 12:51

0

I have resolve this issue by creating one trigger in mysql.

So, whenever any record created for User Table, it will fetch the password of that field and converted the password into encrypted form supported by mysql in-built function.

answered Jun 30 '10 at 12:51

Nirmal

4,739
13
70
113

Store Password Field in Encryption Form Using MySQL and Hibernate

2 Answers2