Why character array is preferred while storing password instead of String?

character array is preferred while storing password

Strings are immutable and get stored in heap memory once created, by taking dump of memory one can easily access the passwords stored in it and there’s no way to destroy this data before garbage collection get performed.

But from an array the data can be easily be wiped out. You can overwrite the array with anything you like, and the password won’t be present anywhere in the system, even before garbage collection.

So because of this security concern arrays are preferred over String reduces the chances of attack from outside the system.

Java Professional with rich experience in Java development.
– Designing and developing high-volume, low-latency applications with high-availability and performance.
– Writing well designed, robust and efficient code.

Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *

LinkedIn Auto Publish Powered By : XYZScripts.com