MD5 Encrypt in java

quinnd6 · 26-02-2009 11:52PM #1

Hi
How would I go about MD5 encrypting a string in java?
I have a password which is encrypted in MD5 in a database so Id like to match the password entered in by the user with the MD5 encrypted password in the database and if they match then the user is logged in.

So for the check in my java code for the query I tried
Select * from users where user_name="+username+" and password="+MD5Crypt(password)

That doesn't work because it's wrong.
Java surely has some built in function to md5 encrypt a string hasn't it?
Can you help?
thanks.

mecco · 27-02-2009 12:09AM

if you look at the class in this link: http://www.anyexample.com/programming/java/java_simple_class_to_compute_md5_hash.xml, you should be able to see how to use the MD5 capabilities built into Java. I havent tested the class, but it appears to compute the hash for you and convert the byte array (provided by the default Java class) into a string. It gives an example how to call the code too.

Again I havent tested it so your mileage may vary

quinnd6 · 03-03-2009 12:21AM

Thanks that works grand.

baztard · 03-03-2009 11:46AM

I'd be careful there, MD5 is a message digest / hash generally used to check if a file has changed or been tampered with in transit. I'm no expert but I dont think it should be used for encrypting passwords.

CreepingDeath · 03-03-2009 10:45PM

baztard wrote: »

I'd be careful there, MD5 is a message digest / hash generally used to check if a file has changed or been tampered with in transit. I'm no expert but I dont think it should be used for encrypting passwords.

One way hashing of passwords is more secure than encrypting.
Encryption is a two way process, hashing / message digesting is a one way process. There's no way of working out the arbitrary length string from a fixed length digest without brute force.

There's a clear difference between encryption and message digesting.

MD5 Encrypt in java

Comments