Posted to user@commons.apache.org by Nicholas Castorina <ni...@openmarket.com> on 2014/11/05 17:20:40 UTC

[FTP and FTPS] using char[] password instead of String

Howdy,
Is there a way to use the FTPSClient.login(username, password) where password is a char[] instead of a String?  Strings are immutable and don't get removed from memory until garbage collection.  That means that the password can possibly be recovered from a memory dump.  However, if password was a char[], I could do Arrays.fill(password, ' ') and there would be no traces of the password in memory once I was done with using it.

For a more detailed explanation of this, you can go to http://stackoverflow.com/questions/8881291/why-is-char-preferred-over-string-for-passwords.

I didn't see an option for a char[] instead of String for password, but I could have missed one.  If there is not currently a way to use a char[], you could also probably get away with changing the password from type String to CharSequence (the interface that String implements).  That way FTPSClient is backwards compatible and you can clear passwords after use by using a CharBuffer (also implements CharSequence) instead of a String.

Thanks,
Nicholas Castorina

This message and the information contained herein is proprietary and confidential and subject to the Amdocs policy statement,
you may review at http://www.amdocs.com/email_disclaimer.asp
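An added illustration of the CharSequence approach proposed above, showing how a String-based login could be kept for compatibility while a new overload lets the caller pass a CharBuffer view of a char[] and zero it afterwards. This is example code written for this note, not Commons Net's own API; the `login` overloads and the `send` stand-in are hypothetical.

```java
import java.nio.CharBuffer;
import java.util.Arrays;

/** Hypothetical client sketch (not Commons Net's code) demonstrating a CharSequence password API. */
public class CharSequenceLoginExample {

    /** Existing String-based signature, kept so current callers still compile. */
    public static boolean login(String user, String password) {
        // The cast avoids recursing into this same overload.
        return login(user, (CharSequence) password);
    }

    /** New overload: accepts String, CharBuffer, StringBuilder, ... without forcing a String copy. */
    public static boolean login(String user, CharSequence password) {
        // Pre-size the builder so it never reallocates (a reallocation would leave an
        // unzeroed copy of the secret in the old backing array).
        StringBuilder cmd = new StringBuilder(5 + password.length() + 2);
        cmd.append("PASS ").append(password).append("\r\n");
        boolean ok = send(cmd);
        // Overwrite the builder's backing array before it becomes garbage.
        for (int i = 0; i < cmd.length(); i++) {
            cmd.setCharAt(i, '\0');
        }
        return ok;
    }

    /** Stand-in for writing the command to the control connection. */
    private static boolean send(CharSequence cmd) {
        return cmd.length() > 0;
    }

    public static void main(String[] args) {
        // Constructed sample credential, built as a char array literal so that no
        // String constant holding the password is ever created.
        char[] secret = {'h', 'u', 'n', 't', 'e', 'r', '2'};
        try {
            // CharBuffer.wrap is a view over the array: no copy of the secret is made.
            boolean ok = login("alice", CharBuffer.wrap(secret));
            System.out.println("login ok: " + ok);
        } finally {
            // The caller zeroes its own array as soon as the password is no longer needed.
            Arrays.fill(secret, '\0');
        }
        // The array (and any CharBuffer wrapping it) now reads back all zeros.
        System.out.println("after fill: " + Arrays.toString(secret));
    }
}
```

Note that this only removes the copies the application controls; any String the code path creates downstream (for example by calling `toString()` on the sequence) is outside the caller's reach, which is the practical limit Bernd describes later in the thread.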

Re: [FTP and FTPS] using char[] password instead of String

Posted by Gary Gregory <ga...@gmail.com>.
Nicholas,

We could add a FTPClient.login(String, char[]) method but using char[] all
the way through the login code path could mean a lot of change. You might
want to create a feature request in a JIRA. Patches are always welcome.

Gary




-- 
E-Mail: garydgregory@gmail.com | ggregory@apache.org
Java Persistence with Hibernate, Second Edition
<http://www.manning.com/bauer3/>
JUnit in Action, Second Edition <http://www.manning.com/tahchiev/>
Spring Batch in Action <http://www.manning.com/templier/>
Blog: http://garygregory.wordpress.com
Home: http://garygregory.com/
Tweet! http://twitter.com/GaryGregory

AW: [FTP and FTPS] using char[] password instead of String

Posted by Bernd Eckenfels <ec...@zusammenkunft.net>.
Hello,

I am hated at work for introducing char[] parameters for passwords, and after having a few years of experience with it I can say they are hardly worth it: most often the caller has strings to work with anyway and needs to copy them to a char array, or the called code works with strings, or it is hard for the caller and callee to agree on when to zero the content. And if you look closely, with all generational collectors a string object typically survives not even the first eden copy (typically seconds).

Having said that, it might be good to consider CharSequence in future APIs.

Bernd

-- 
http://bernd.eckenfels.net

----- Original message -----
From: "Nicholas Castorina" <ni...@openmarket.com>
Sent: 05.11.2014 19:01
To: "user@commons.apache.org" <us...@commons.apache.org>
Subject: [FTP and FTPS] using char[] password instead of String
