« Startup time improvement in J2SE 1.5 | Main | Accessing Windows Certificates from Java »

Will you encrypt password with a fixed string?

Here is the general scenario: You have written a webapp that connects to a database. However, for this it needs a database username and password. You know that it is not a good idea to read password values from a configuration file, as anyone with read access to this file will get complete access to the database.

So, what do you do? One of the guys I came across had a clever solution to this problem. He had a configuration tool that asked the user to enter the password, encrypted the password and then stored the encrypted value in the configuration file. At the startup time, the webapp will read this files, decrypt it and then use the real password to connect to the database.

When I asked him what encryption key did he use and how did the webapp get it, he replied that he has the key deep buried in the code, away from the reach of most users.

Anyone who knows even ABC of security will realize that it buys him no real security, for anyone with slightest amount of determination will retireve the key within minutes. But apparently, his customers felt safe in the knowledge that the password is not kept in clear. I guess, few bothered to ask the details of the encryption process.

There is a straight-forward solution to this problem: ask the admin. to supply a password at the time of webapp start (or the webapp container start) and then use this password as the encryption key. However, it does make the process of startup a bit inconvenient.


This page contains a single entry from the blog posted on January 28, 2004 9:59 PM.

The previous post in this blog was Startup time improvement in J2SE 1.5.

The next post in this blog is Accessing Windows Certificates from Java.

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.33