[Date Prev][Date Next] [Chronological] [Thread] [Top]

Storing of passwords

I'm using some Javacode for generation LDAP passwords. Is this code
sufficient? Or is there anything else I've got to do?

There seems to be some differences in the way the passwords are stored,
using an LDAPbrowser compared with my java code.

private String encryptPassword(String toEncrypt) {
    byte[] hash=toEncrypt.getBytes();

    try {
        MessageDigest sha = MessageDigest.getInstance ("SHA");
        toEncrypt=new String(sha.digest());
    } catch (NoSuchAlgorithmException nsae) {
        System.out.println("LDAPInterface | NoSuchAlgorithmException: "
+ nsae);
    return toEncrypt;

It returns something like 'CÀsOE}§Ïd.ËvíÇsQs"?'

Is this correct? Do I have to prepend something? Is the encryption
algorithm correct (using SHA-1)?

Looking forward to some helpful replies!

- Vyrdsamt...
- Jakob Breivik Grimstveit, jakob@grimstveit.net, www.grimstveit.net
- Morvikbotn 341, 5121 Ulset, tlf: 55195667, mob: 98833857
- Applikasjonsutvikler, Reaktor AS, jakob.grimstveit@reaktor.no,

"I love deadlines. I love the whooshing noise they make as they go by."
-Douglas Adams