2

I am working on a project which have to access the MySQL database username and password to read and update the user database.

Initially i wrote the username and password of the database directly to my code. But my teacher asked me to create a prompt box which will take the username and password on 1st run of the program and not again. So if do that i will not be able to access the database next time.

I was thinking to store that username and password into a local text file.

Is it good idea. Or there are any good methods to do this type of work?

Improve this question
2
  • 1
    store in php file, or store in txt file but encrypted Commented Mar 21, 2017 at 7:21
  • 1
    He is using Java. Commented Mar 21, 2017 at 7:27

3 Answers 3

Reset to default
2

You can store the information in a properties file (https://docs.oracle.com/javase/tutorial/essential/environment/properties.html), but should use encryption. See: How to encrypt String in Java

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

In your case, the best way will be storing in .properties file.

And after getting a user input => store to the properties file.

Also, good practice for storing passwords in DB is to use one-way hash. A variety of hash methods is good for this: MD5, SHA-256, etc.

However, it works only for one way. More info here - MD5 algorithm Decryption in java.

And in your case properties file should be enough.
Example for db.properties:

db.username=MyUser db.password=MyPassword

You can have default values for connection. If user input doesn't match with it just print a warning message with something, like: "DB username or password is incorrect. Try again."

You can use something like JOptionPane for asking from user:

public void start() throws CreateDocumentConfigurationException { // Custom button text Object[] options = {"Yes, please", "Use default instead"}; int n = JOptionPane.showOptionDialog(null, "Would you like to enter DB credentials?", "DB Question", JOptionPane.YES_NO_CANCEL_OPTION, JOptionPane.QUESTION_MESSAGE, null, options, options[1]); estimateUserInput(n); // process result here. 0 - for entering new one, 1 - for using default }
Improve this answer

2 Comments

Thanks for your answer, but when i hash the password directly to the properties file, as you said that is hashing is only one way, then how can the program can re log into the database server without asking the password?
@user55924 much better will don't hash it. just save to properties file. if credentials are presented at properties file -> just use them for connection. Otherwise, you have to ask user for providing them.
0

You can store the database login information in configuration file.

For Desktop Application, .properties file can be use

For Web Based Application, Store the password in context.xml of your Apache Tomcat Server.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.