Storing the passwords of auto-login databases plainly in the configuration file is dangerous.
On Windows, there is something called as DPAPI (Data Protection API) that can help in this situation.
On other systems there should be alternatives too.
The question is, how to use the DPAPI in java. Several wrappers available like:
Java DPAPI - Pretty old, the last release was in 2007
Storing the passwords of auto-login databases plainly in the configuration file is dangerous.
On Windows, there is something called as DPAPI (Data Protection API) that can help in this situation. On other systems there should be alternatives too.
The question is, how to use the DPAPI in java. Several wrappers available like:
Some help in this topic:
StackOwerflow
Another way of dealing with this would be that the user have to memorize a shorter crypto-key ("master password") in place of the password.