Forum Stats

  • 3,814,632 Users
  • 2,258,892 Discussions
  • 7,892,792 Comments

Discussions

Password Deprecation

843811
843811 Member Posts: 49,851
I have a JSP that inputs a Password. To begin I cant figure out how to HIDE the text as you type it in. And Second I want to be able to spit it backout when the submit button is hit. I know i cant do this by making 'varPassword' a String cause then it wont take it as a password. Anyone now how to do this? essentially this is it:
1. Mask or hide the text as its typed in
2. Display the password after 'Submit' so i can verify
thanks

Comments

  • 843811
    843811 Member Posts: 49,851
    I am sorry not to have an answer to your question but I do have some advice that you might find useful. You should not put the password back into plain text at any point. You should hash it and pass this, then to verify the password you should have a hashed copy at the server which can be used to check the submitted one. As any slight change in the content of the password would cause major changes in the hash you know whether the password submitted is correct or not. And, you do not have any plain text passwords stored anywhere.
This discussion has been closed.