Details
-
Bug
-
Resolution: Done
-
Minor - P4
-
0.11
-
None
-
None
-
n/a
Description
As per Java security best practices, passwords should always be stored as char[] rather than String - the DB.authenticate() method currently uses a String for the password.
This is recommended for two reasons:
1. Due to string interning [1], String values may stay in the heap a lot longer than other Java objects
2. Because they're immutable, Strings cannot be rewritten (eg. zeroed out) to further reduce the chances of a password being compromised [2]
[1] http://java.sun.com/j2se/1.5.0/docs/api/java/lang/String.html#intern%28%29
[2] http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html#PBEEx