Reputation: 5846
Java: What is the best option to store encrypted database (and other) passwords in property files?
I examine Jasypt for storing database encrypted passwords in property files. It has good integration with Spring etc., but approach of that this guys propose for encrypting password looks a bit weird as for me:
Use PBE (symmetric algorithm) encryption.
Store password for encryption/decryption in environment variable or in source code.
Both options look unsafe and a bit insecure.
My questions:
- What is the best practice for storing encrypted passwords?
- Can I use key based encryption (i.e. private/public keys) here?
Upvotes: 0
Views: 1735
Answers (1)
Reputation: 36
In our application we use two approaches:
We use a enterprise password vault which stores the passwords for all our databases. Our web sever requests the password from the vault to connect the database every time.
We store Encrypted passwords in properties file. And during the application startup we read the properties file using class loader and keep it as a system variable and use it whenever needed.
It is difficult to have public/private key encryption directly with db, you would need an intermediary to do this.
Upvotes: 2
Related Questions
- What's the best way to store a Database Password (required in a JDBC connection string) in Java?
- Password Encryption and store in database
- What is the best practice for securely storing passwords in Java
- How to store password encrypted in database?
- Encrypt a password in a preferences/properties file - Java
- Where do you store database passwords?
- Password Encryption
- Best practice for storing database password
- Where to store database password secure in java desktop application
- How can I store sensitive data in Java configuration files?