3

I would like to store my DB password in Java .property file and encrypt it using Jasypt. But from what I see, it just moves the problem from hiding the DB Password to hiding the encryption password.

I thought of using environment variable to store the encryption password, but it requires effort by the dev to change/set whenever there is a leak, also it will be visible in plaintext somewhere. Besides that, I also thought of using Vault, but the dev team does not seem like they want to implement a dedicated Vault server. I have also read this, and they said that there is no solution 9 years ago..

Is there a (preferably simple) solution to this now?

Improve this question
1
  • Seriously, how can Java be so bad? Commented Nov 8, 2022 at 15:39

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.