Thursday, 24 May 2012

MYSQL: Password security problem with mysql Database,Be Aware about secure your Password

Yes , it is true in mysql your password may not secure . It happens with any developer those are using mysql as database. Normally developers are not aware about the password hacking and apply normal query for retrieving  data from database.

Anyone using MySQL on a computer connected to the Internet should read this section to avoid the most common security mistakes.
In discussing security, it is necessary to consider fully protecting your password when login. Commonly we are using such below where clause for comparison for login or validation . But, it is completely not safe.

where binary pass='yourpassword'

But, this above code is not secure and it can be overlapped by using '=' . In place of you password you can use '=' , and see it will hack your password. Your condition is going to true and login success. So, Be careful if you are a responsible developer for your organization.

Your data can be fetch if your condition is '=', it is hacked or checked true. So, follow the process below.

Always use password security mechanism for secure your password.Always follow mysql manual for security before applying security on mysql password.

But when retrive data , you can  use HEX() function from convert it to Hexa decimal format .
As below :

HEX(vchadmin_pass)=HEX('YOur password')

Or use

MD5() other function mentioned below table.


So, Always follow the password security for secure. You can encrypt or decrypt the password when store using the following table :-

AES_DECRYPT()Decrypt using AES
AES_ENCRYPT()Encrypt using AES
COMPRESS()Return result as a binary string
DECODE()Decodes a string encrypted using ENCODE()
DES_DECRYPT()Decrypt a string
DES_ENCRYPT()Encrypt a string
ENCODE()Encode a string
ENCRYPT()Encrypt a string
MD5()Calculate MD5 checksum
OLD_PASSWORD()Return the value of the pre-4.1 implementation of PASSWORD
PASSWORD()Calculate and return a password string
SHA1(), SHA()Calculate an SHA-1 160-bit checksum
SHA2()Calculate an SHA-2 checksum
UNCOMPRESS()Uncompress a string compressed
UNCOMPRESSED_LENGTH()Return the length of a string before compression






Wednesday, 23 May 2012

JAVA: Implementing Singleton design patten for creating single instance with example.

As per the old post related to singleton design patten , here the example of implementation.For implementing the singleton design patten for creating single instance of a class , below one example for better understanding:

//Class with Main function for calling singleton class
public class TestSingleTon {

    /**
     * @param args
     */

    public static void main(String[] args) {
    SingleTonClass classinstance=SingleTonClass.getInstance();
    System.out.println("My SingleTon member value is="+classinstance.testval);
    }

}


//Singleton class 
public class SingleTonClass {

    //create an instance
    private static SingleTonClass my_instance=new SingleTonClass();
   
    private SingleTonClass(){
        //Private Constructor here
        //Not allow to create an object out side
    }
   
    //method to access the instance
    public static SingleTonClass getInstance(){
        return my_instance;
    }
   
    //Member variable
    int testval=10;
   

     //if remove comment from below line , the program will not execute.
    //SingleTonClass s1=new SingleTonClass();
   
}


The output of this program is :-

My SingleTon member value is=10

This is the simple implementation & ensuring one object creation of singleton design patten.Also there are so many other methods are there for implementing signleton ( lazy loading, multiple jvm, etc ).

Thank you
Good Reading.