Re: Doubt in Security basics

From: Kevin Conaway (
Date: 02/15/05

  • Next message: Randy: "Re: Doubt in Security basics"
    Date: Tue, 15 Feb 2005 11:26:55 -0500
    To: Babu Kopparam <>


    Strings in Java are immutable, meaning you cant change them. You can
    only modify copies of the original. Because of this, if a password
    was read into a String, you couldn't write over it to erase its
    contents from memory. It would be at the mercy of the garbage

    With a char [], you can overwrite the elements of the array and be
    reasonably safe that the password is gone from memory.


    On Tue, 15 Feb 2005 07:28:08 -0800 (PST), Babu Kopparam
    <> wrote:
    > Hi! List,
    > Probably i feel this doubt is related with basic knowledge.
    > Whenever capturing the password, char[] is used instead of String object. What purpose does this solve.
    > --- I am referring to JAVA.
    > Thanks in advance,
    > -Babu.

  • Next message: Randy: "Re: Doubt in Security basics"