CODEWITHSUNDEEP
javamysqldatabaseencryptionjoomla
THE-E
THE-E

Reputation: 203

How do I decrypt and encrypt Joomla user password for Java program?

I have programed a Java program which has access to my MySQL database. Currently I am using Joomla as CMS, therefore I would like to program my Java program so it is able to check the user data(of Joomla) to access the database.

If it isn't possible: Which encryption should I use so I can use it later for my websites ?

Right now my program is just comparing if the Strings in user field and password field with the data from the MySQL database.

I am new to Encryption/Decryption. Any tips how I should approach this subject is appreciated.

thanks in advance

greets

THE-E

Upvotes: 1

Views: 12843

Answers (2)

bjrn
bjrn

Reputation: 126

You shouldn't be seeing any plain text passwords in your database. I don't know for sure how older versions of Joomla do it, but the current ones save passwords in the following format:

md5([password][salt]):[salt]

Where you'd obviously replace [password] with the password and [salt] with the salt. For instance you might see the following string in the password field of your user table

dc0ea62a2aebf85100609bb67c6886a8:yh9MbHU5hR6ydbd8mCw6bQzCrRFYEI3E

The part after the colon is the salt, and the part before the colon is the md5 hash of the password and the salt. Now I can tell you that the password here is 'test'. And that the string is: md5(testyh9MbHU5hR6ydbd8mCw6bQzCrRFYEI3E):yh9MbHU5hR6ydbd8mCw6bQzCrRFYEI3E

Upvotes: 2

as_bold_as_love
as_bold_as_love

Reputation: 191

In essence what you want to do is as follows. when you store the password encrypt it. when a user enters a password in to a form encrypt that, and compare it to the encrypted password in the database.

what you dont want to do, is un-encrypt the stored password and compare it to the form input.

in PHP i use Bcrypt.

Upvotes: 0

Related Questions