
Storing 1 password in database securely

I have a Java Swing application which starts with a login page and should take admin to the dashboard if the login is authenticated. As there is just 1 admin, there is just 1 username and password combination.

Right now, I am just inserting username and password to the SQL table using a simple insert query. I am new at this so I don't know how to go about this.

create table login (
    Emp_id INT AUTO_INCREMENT PRIMARY KEY,
    Emp_Fname VARCHAR(50),
    Emp_Lname VARCHAR(50),
    Username VARCHAR(50),
    Password VARCHAR(50)
);
insert into login (Emp_id, Emp_Fname, Emp_Lname, Username, Password) values (1, 'TestFName', 'TestLName', 'Test', 'Test');

Instead of storing passwords in plain text, I want it encrypted or hashed.

I am currently typing from my phone so forgive me. It seems like you want your password to look like: eive29ceic28e8c38d9h3ce9h instead of "password123".

You can use something like SHA-1, which has an integration in Java with SHA256 and SHA512. Both of them can be found after a quick Google search. I personally used them in a project but ran this method recursively 100 times using the result from one round as the input for the next. Then I extended the length of the string by using this scheme: password + password backwards + password + password. In my case the password got 4x512 bits long and seemed relatively secure. After that I saved it to a file and every time I want to log in, I take the input and encrypt it and then compare it to my password in my file. If they match you're in. I know that you can crack sha-1 opens it brute force. If you want something different try bcrypt, pbkdf2 or argon2.

I would like to give you links but that's hard on mobile. I hope this works out for you. Otherwise I will comment tomorrow morning.

Edit: look into your comments; there is a link to the algorithm I meant. Just put it in a for loop 100 times...
