In a scenario where you are designing a system that will store and manipulate confidential data (like passwords) which will be stored in the form of strings, how would you ensure that this sensitive data is not prone to security issues related to string handling?
- Use String and encrypt it
- Use String and mark it as 'final'
- Use StringBuilder and set 'secure' flag
- Use char[] to store passwords
To enhance security for sensitive data like passwords, you should use a char[] to store passwords instead of a String. This is because String objects are immutable and linger in memory, making them vulnerable to security risks. char[] can be overwritten, and you can zero it out after use. The other options do not provide similar security benefits.
Loading...
Related Quiz
- Considering threading, which collection class might introduce higher overhead in managing read and write access?
- In Java, if a class implements an interface and does not provide implementations for all its methods, it must be declared as ________.
- In what way does using a PreparedStatement improve performance in comparison to a Statement?
- In which scenarios is it recommended to create a custom exception instead of using a standard Java exception?
- Which of the following expressions will result in a value of true?