Java encryption alternitive to hardcoded key

Question

I am new to encryption.

I have looked at the javax.crypto documentation and got encryption of a file to work using this code ...

File saveFile = new File         


        

Answer 1

An attacker can always do everything the program can do and usually quite a bit more. The only way to get things secure is the use information not under control of the program. Request the user to enter a password or put information in a store under control of the operating system. The later will not help if an attacker has physical access or maybe even a lot of rights unless special hardware like a Trusted Platform Module (TPM) is involved.