Le 11/10/16 à 15:55, Shawn McKinney a écrit : >> On Oct 11, 2016, at 2:20 AM, Emmanuel Lécharny <[email protected]> wrote: >> >> Forgot to mention that storing the password s provided (ie, 'secret', >> for instance) is not a good idea. It does not fit the requirement that a >> password may contain *any* char from 0x00 to 0xFF. We should end up with >> a String that is a representation of the password in hex form : >> 736563726574 for 'secret'. > Struggling with the takeaway… > > ‘Yes’ we change the datatype to a String but its value must undergo a > transformation from string(ascii) -> String(hex)?
Yes, to cover all the chars a password may content. But you may also make it so that the password only contains valid chars (ie, some that can be stored in a String without being invalid), avoiding this hex representation.
