问题:
In Swing, the password field has a getPassword() (returns char[] ) method instead of the usual getText() (returns String ) method. 在Swing中,密码字段具有getPassword() (返回char[] )方法,而不是通常的getText() (返回String )方法。 Similarly, I have come across a suggestion not to use String to handle passwords. 同样,我遇到了不使用String处理密码的建议。
Why does String pose a threat to security when it comes to passwords? 为什么在密码方面String会对安全构成威胁? It feels inconvenient to use char[] . 使用char[]感觉很不方便。
解决方案:
参考一: https://stackoom.com/question/bGQd/为什么密码比字符串更喜欢char参考二: https://oldbug.net/q/bGQd/Why-is-char-preferred-over-String-for-passwords
来源:oschina
链接:https://my.oschina.net/u/4438370/blog/4295319