Timeline for Why is char[] preferred over String for passwords?
Current License: CC BY-SA 4.0
11 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jan 20, 2023 at 1:17 | history | edited | Peter Mortensen | CC BY-SA 4.0 |
Fixed the indentation, etc.
|
| Jan 8, 2020 at 15:25 | history | edited | ACV | CC BY-SA 4.0 |
deleted 42 characters in body
|
| Jan 8, 2020 at 11:06 | comment | added | Holger |
You can simply use Arrays.fill(pass, '0');
|
|
| Jan 8, 2020 at 11:00 | comment | added | ACV | @Holger thanks. Corrected the char array cleanup code. | |
| Jan 8, 2020 at 11:00 | history | edited | ACV | CC BY-SA 4.0 |
added 18 characters in body
|
| Jan 6, 2020 at 16:25 | comment | added | Holger |
ch = '0' changes the local variable ch; it has no effect on the array. And your example is pointless anyway, you start with a string instance you call toCharArray() on, creating a new array and even when you overwrite the new array correctly, it doesn’t change the string instance, so it has no advantage over just using the string instance.
|
|
| Dec 9, 2019 at 11:09 | comment | added | Tvde1 |
But doesn't request.getPassword() already create the string and add it to the pool?
|
|
| Dec 2, 2018 at 23:13 | history | edited | ACV | CC BY-SA 4.0 |
deleted 1 character in body
|
| Dec 2, 2018 at 22:56 | comment | added | Yugerten | ch = null; you can't do this | |
| Nov 19, 2018 at 13:47 | review | Suggested edits | |||
| Nov 19, 2018 at 18:03 | |||||
| Apr 25, 2018 at 22:39 | history | answered | ACV | CC BY-SA 3.0 |