![]() So yes, this is a security concern - but even using char only reduces the window of opportunity for an attacker, and it's only for this specific type of attack. You can overwrite the array with anything you like, and the password won't be present anywhere in the system, even before garbage collection. With an array, you can explicitly wipe the data after you're done with it. Java Projects with source code are available along with a guarantee to run. That means once you've created the String, if another process can dump memory, there's no way (aside from reflection) you can get rid of the data before garbage collection kicks in. The projects listed are completely error-free and included with the database. Java: Why is char preferred over String for passwords? Please avoid copyrighted materials.]ĭo not submit any solution of the above exercises at here, if you want to contribute go to the appropriate exercise page. PostgreSQL Exercises, Practice, Solution.R Programming Exercises, Practice, Solution. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |