+ Password is set as a system property. + The password is prompted for and read from standard input + A program is run to get the password.Passwords that begin with OBF: are de obfuscated. Passwords can be obfuscated by run org.mortbay.util.Password as a main class. Obfuscated password are required if a system needs to recover the full password (eg. so that it may be passed to another system). They are not secure, but prevent casual observation.
Passwords that begin with CRYPT: are oneway encrypted with UnixCrypt. The real password cannot be retrieved, but comparisons can be made to other passwords. A Crypt can be generated by running org.mortbay.util.UnixCrypt as a main class, passing password and then the username. Checksum passwords are a secure(ish) way to store passwords that only need to be checked rather than recovered. Note that it is not strong security - specially if simple passwords are used. @version $Id: Password.java,v 1.13 2005/08/13 00:01:28 gregwilkins Exp $ @author Greg Wilkins (gregw)
|
|