Ask the Expert

Password encryption program: Best practices and alternatives

What best practices are there for writing code to encrypt a password? Could you provide or point to sample code?

    Requires Free Membership to View

Interesting question: First, I'd have to ask why you're implementing a password encryption program to begin with, instead of letting an operating system or application manage this bit of information. I assume you're asking in the context of writing the application that will manage the encryption code itself.

The general contemporary thinking in this regard is not to put passwords in code, but to use certificates, like Kerberos, or trust relationship information, like Federation SAML assertions, in the code since any hacker with enough time and energy can eventually crack an encrypted password.

With that said, however, best practices for encryption depend on what language you're writing in. There are two sites that come to mind (granted, googling "encrypt password" will show a number of sites with sample code): One is Encrypt HTML, which has a number of tools, not just html; the other is JavaScript Kit, which allows you to put in a password and it will generate java code for you. Good luck, and happy writing.

For more information:

This was first published in March 2010

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: