Published in Security
3 minutes read

Why Char[] is Preferred over String for Passwords

In security-sensitive applications, storing passwords securely is crucial to prevent unauthorized access. One common practice is to use char[] arrays instead of String objects for representing passwords.

String Immutability

In Java and other programming languages, strings are immutable, meaning their values cannot be changed after creation. When a string is created and stored in memory, it remains in memory until garbage collected, leaving a possibility that the sensitive information (password) is exposed and remains in the memory even after use.

Memory Management

Strings in Java are stored in the String Pool, a shared pool of strings, which makes it difficult to erase the contents of a string from memory explicitly. This poses a security risk because an attacker with access to the memory could potentially read the password.

Mutable Nature of char[]

On the other hand, char[] arrays are mutable, which means their contents can be modified. When the password is stored in a char[], the application can overwrite the password with random values after use, ensuring that the sensitive data is not left exposed in memory.

Clearing Sensitive Data

Since char[] arrays are mutable, you can explicitly clear the password from memory by filling the array with random values or zeros after its use. This operation helps to minimize the window of opportunity for attackers to access the password in memory.

Garbage Collection

When a String object is no longer referenced, it becomes eligible for garbage collection. However, the timing of garbage collection is not guaranteed. On the other hand, char[] arrays can be cleared explicitly by setting each element to zero or empty character.

0 Comment