I am writing a java program that uses the Bing Api. I recently decided to open source my code at code.google.com. However, I am looking for an alternative to hardcoding the key. Does anyone have any suggestions?
Asked
Active
Viewed 4,192 times
2 Answers
2
Read the password from a file, and don't upload the file to the repository.
Zenadix
- 15,291
- 4
- 26
- 41
2
Store the password as a hash in a file. Then read it from the file. You can use any already built hashing that you like.
This SO question has awesome info on how you can start hashing today: How can I hash a password in Java?
Also no need to save the file to the project, just make the path to your Desktop, for example.
-
Ok, now I have the hash and salt, what steps do I need to decode it in the program? – Kurtoid Sep 06 '14 at 23:12
-
The user does not input the password. What i need to encode is a API key to send. – Kurtoid Sep 06 '14 at 23:24
-
I think I'll use this tomorrow.http://blog.sortedset.com/how-to-encrypt-decrypt-a-password-stored-in-a-properties-file-with-java-jasypt-apache-commons-configuration/ – Kurtoid Sep 07 '14 at 00:32
-
Looks good, it has nice tester code. – apxcode Sep 07 '14 at 00:37