I am using Tamino to store my user information including passwords. How would you go about encrypting these passwords?

Thanks,
Knute Hestness

Hi,

I solved this, specifically for storing the passwords the users log on with, using a uni-directional hash algorithm.

With this, the password is encrypted in the database. On log on, the password string is encrypted the same way and the result is compared to the value in the database. If both match, the given password was correct and the user is allowed in.

Here’s a Java demonstration I found somewhere on the net. I think it shows what’s to be done.

Best regards, Andreas
EncryptPassword.java (1.75 KB)

I think I have seen a similar code bit around the net. Thanks for the help!

Knute Hestness

Andreas,
Could you also post the validation code that you are using??

Many Thanks

Mh, it’s the same code twice.

When the user logs in for the first time, the password is encrypted and stored in the database.

When the user logs in the next time, you fetch the user-document matching the user’s login name from the database. Then you encrypt the password the user has given with the same algorithm as above and compare the result with the string stored in the document.

If the both match, the user has given the correct password and can proceed, if not, the password given was incorrect.

Best regards, Andreas