Java password encryption

Question

We have a maven project for website automation . Website uses a login and password to enter into first page . Is it possible to have a something like below.

1. Passcord is encrpted in some format in a property file so that even if someone downloads the entire maven project it is will not be visible in plain txt .
2. Selenium takes encrpted password from property file and decrypts it and enters into website .

Answer 1

You can use Jasypt cli (command line) utility that can be used to encrypt the values of your properties. Download the Jasypt distribution and unpack it. The utilities reside in the bin directory.

C:\jasypt-1.7\bin> encrypt input=postgres password=secret


----ARGUMENTS-------------------

input: postgres
password: secret

----OUTPUT----------------------

jd5ZREpBqxuN9ok0IhnXabgw7V3EoG2p

For detailed steps and do/don'ts you can refer to this page and this page

Answer 2

If you're providing someone with the code used to decrypt the password, there is no way you can encrypt it that will hide it from someone determined. You would be providing them with both the encrypted password, and the means to decrypt it.

However, what you can do it not include the properties file which contains the password in the maven project, and then users have to input this themselves.

Dependent on what you are doing this might not be ideal however.