Java / Arrays

Why is it a good practice to store sensitive information like password, SSN into a character Array rather than String?

The String objects are immutable and are stored in String pool in memory until garbage collected. So Although a string object is processed and no longer required, for an indeterminate period of time the string object remains in the memory until garbage collected. Even this can not be controlled programmatically. By accessing the memory dump, the hackers could extract sensitive information from the string object hence String is insecure.

Character Array is a mutable object, and when it is no longer required, nullifying the reference guarantees that the object in memory cannot be accessed until garbage collected. Hence character array is prefered for storing sensitive information.

Invest now in Acorns!!! 🚀 Join Acorns and get your $5 bonus!

Invest now in Acorns!!! 🚀
Join Acorns and get your $5 bonus!

Earn passively and while sleeping

Acorns is a micro-investing app that automatically invests your "spare change" from daily purchases into diversified, expert-built portfolios of ETFs. It is designed for beginners, allowing you to start investing with as little as $5. The service automates saving and investing. Disclosure: I may receive a referral bonus.

Invest now!!! Get Free equity stock (US, UK only)!

Use Robinhood app to invest in stocks. It is safe and secure. Use the Referral link to claim your free stock when you sign up!.

The Robinhood app makes it easy to trade stocks, crypto and more.

Webull! Receive free stock by signing up using the link: Webull signup.

More Related questions...

How do I initialize a String array? Is arrays are considered as primitive data types? Arrays.asList(arrayIdentifier) How do I create a list from Array which is completely independent of the original array? What is the index of the first element in an array? How do you print the content of an array in Java? How do you print the content of a multi dimensional array in Java? Why is it a good practice to store sensitive information like password, SSN into a character Array rather than String? What is the tradeoff between using an unordered array versus an ordered array? Which algorithm does Arrays.sort use in Java? Difference between Arrays.sort and Arrays.parallelSort in Java 8. On which memory arrays are created in Java? Can we declare array size as negative? Difference between int array[] and int[] array. The default value of the array in Java. Define jagged array. How to copy an array in Java? Is it possible to make an array volatile? When ArrayIndexOutOfBoundsException occurs? How to check an array contains values or not?

Show more question and Answers...

Strings

Comments & Discussions

OOPS Concepts and its implementation in Java 19 Inheritance 29 JDK, JRE, JVM, JIT 69 Java Identifiers 4 Object, Class and Package 44 Variable 9 Class Variables (Static Variables) 13 Instance Variables (Non Static Variables) 3 Local Variables 6 Package 10 Operators 9 Methods 39 Modifiers 29 Data types 10 Access Modifiers 5 Control Statements 14 Constructor 38 Interface 46 Abstract Class 19 Enum 20 Arrays 20 Strings 32 Using String 29 Exception 55 Collections 56 List and its implementations 22 Map and its implementations 39 Set and its implementations 23 Queue and its implementations 4 Regular expressions 3 Design Patterns 75 Generics 20 Casting 5 volatile 13 Java ThreadLocal 10 Java Multithreading 113 Java Multithreading part II 18 final keyword 13 static keyword 16 Java Transactions (JTA) 21 Concurrent collections 55 Java Serialization 36 JDBC 53 JNDI 17 RMI 6 JAXB 10 Servlet Interview Questions 16 JMX 9 JMS 45 log4j 19 Annotations 10 XML 14 Garbage collection 31 Programs 8 JVM 4 Java8 streams 34 JavaFX 6 Autosys Interview questions 21 The Java Virtual Machine: How and What Is It Used For? Java 11 10 Java 12 5 Top Errors You Should Avoid when Studying Programming Java 17 1 JPMS 6 Java Record Keyword 4 MapStruct Java Interview questions

Recently added...

List some of Open-Source Models/Frameworks/Products.

What is Open Source AI?

What is Closed-Source AI?

Tools to create Custom AI Agents.

Mention a few AI tools that you use.

What is an Azure Bicep?

Explain the Scope Injection problem and provide a solution to fix it.

Difference: API Gateway, Load Balancer, and Reverse Proxy.

Is GraphQL strongly typed?

How is Error Handling done in GraphQL?

What is Federation?

What is Schema Stitching?

What is DataLoader?

What is N+1 Problem in GraphQL?

What is a Subscription in GraphQL?

What are the main components of GraphQL?

How is GraphQL different from REST?

Difference between Project Reactor and WebFlux.

Difference between Mono.fromCallable and Mono.fromRunnable.

Difference between Mono.just() and Mono.defer().

	Interviews Questions Java Spring Hibernate Maven Testing API BigData Web DataStructures Database MuleESB Cloud Scala Tools	About Javapedia.net Javapedia.net is for Java and J2EE developers, technologist and college students who prepare of interview. Also this site includes many practical examples. This site is developed using J2EE technologies by Steve Antony, a senior Developer/lead at one of the logistics based company.
	contact: javatutorials2016[at]gmail[dot]com
Kindly consider donating for maintaining this website. Thanks.
	Copyright © 2026, javapedia.net, all rights reserved. privacy policy.