-4

I have explored a lot to search encryption and decryption of passwords in android, I have found many algorithms but not able to find the one which is most secure. I want to first encrypt the password using some key and that should be decrypted using the same key. Which algorithm should I use for this ? Can someone please give an example for this.

Thanks a lot for all your help.

Prithniraj Nicyone
  • 5,021
  • 13
  • 52
  • 78
  • you can use HmacSHA384, or AES – Khizar Hayat Feb 29 '16 at 07:23
  • check this http://stackoverflow.com/a/4846511/3593066 – Mustanser Iqbal Feb 29 '16 at 07:23
  • this one also http://stackoverflow.com/a/3934409/3593066 – Mustanser Iqbal Feb 29 '16 at 07:24
  • 3
    You should never encrypt your user's passwords. You need to use hashing instead with some strong ones being PBKDF2, bcrypt, scrypt and Argon2. Since hash functions are one-way function, you won't be able to "decrypt" the hashes. In order to authenticate your user, you can run the password through the hash function again in order to compare with the hash that is stored in the database. See more: [How to securely hash passwords?](http://security.stackexchange.com/q/211/45523) – Artjom B. Feb 29 '16 at 07:48
  • Please describe what your use case is. – Artjom B. Feb 29 '16 at 07:49
  • 2
    See [tag:password-encryption] for why you should not under any circumstances do this. There are company-breaking legal reasons. See also [here](http://stackoverflow.com/questions/2283937/how-should-i-ethically-approach-user-password-storage-for-later-plaintext-retrie/2287672#2287672). – user207421 Feb 29 '16 at 07:56

2 Answers2

1

Your question is not very ideal for stackoverflow, but anyway, I don't have any ideal answer either.

You may take a look at BCrypt and here's some links to help you to get some ideas about it. BCrypt is of course a CPU-extensive process so you need to rethink before you jump into coding.

Community
  • 1
  • 1
Reaz Murshed
  • 23,691
  • 13
  • 78
  • 98
-1

For storing and password in to application you can use encrypt decrypt concept this is sample how can use base64 encoding here you can find some hint about how to do this.

But as per my suggestion if you are going to store user paswword for login than critical information of user should be not store in preference or db but you can use Account manager for example you can take example of flipcart app for storing password with this method.

Community
  • 1
  • 1
Ajay Pandya
  • 2,417
  • 4
  • 29
  • 65