So im coding a register and a log-in system in java. My plan for the register is: the user enters username, then enters password.
The password gets salted and stored in a .txt file. Now when user will have to enter the password to the log-in system, how i retrieve the original password to check it from the .txt file since its salted?
My questions are two: how i salt the password and then store it. How to retrieve the original password, so to check it.
I have searched a lot of things but i found nothing about this.
You save both the salted password and the salt. So when saving the password you do the following:
Do NOT store the plaintext password!
When a user tries to log in later, you do the following:
So you never compare the plaintext password a user provides with a plaintext password you saved, because it is unsecure to save plaintext passwords, in case this data gets compromised.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.