Developers should not have any access to User's password but User's passwords are stored database. So we need to save passwords in encrypted way.  
  1. Encrypt passwords while registration of User and storing them into database. Developer can see encrypted passwords but they can't know what is real password. 
  2. While Login verify the encrypted password with database.
Here we have to choose proper encrypting algorithm to encrypt password. That algorithm should give One to One relation between password and its encrypted state. SHA-1 algorithm gives unique encrypted value for every unique password.

Function to Encrypt password using SHA-1 algorithm and Salt

encryptNb - Number of Hashing or Encryption
salt - Random string is to be added to password  to improves security. 

    public static String getEncryptedPassword(String password)
            throws NoSuchAlgorithmException, UnsupportedEncodingException {
        int encryptNb = 8;
        byte[] salt = "fhkskjnkj938758xmclksjdlkjhu;pquyttp.xhdhhalqqqjjjlazxcnjiorutalmznvbvna;asi"
        MessageDigest digest = MessageDigest.getInstance("SHA-1");
        byte[] hashBytes = digest.digest(password.getBytes("UTF-8"));
        for (int i = 0; i < encryptNb; i++) {
            hashBytes = digest.digest(hashBytes);
        return hashBytes.toString();


  1. It is essential to secure our data so that it cannot be use by unauthorized people. Data can be in any form this site where media are common so it is essential to use some password scheme to sure the privacy of data. Overall likable..!!

  2. Thank you so much for marvelous posting! I definitely enjoyed reading it, you’re a great blog

    โปรโมชั่นGclub ของทางทีมงานตอนนี้แจกฟรีโบนัส 50%
    เพียงแค่คุณสมัคร สล็อตออนไลน์ กับทางทีมงานของเราเพียงเท่านั้น
    สมัครสล็อตออนไลน์ >>> Goldenslot
    สนใจร่วมสนุกกับ คาสิโนออนไลน์ คลิ๊กได้เลย
    มีทั้งคาสิโนออนไลน์ หวยออนไลน์ ฟุตบอลออนไลน์ สล็อตออนไลน์ และอื่นๆอีกมากมาย



Popular Posts