This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
Java's PBEWithSHA1AndDESede algorithm (SHA-1 / 3-DES) is used to encrypt passwords. It creates a random salt for the user using UUID.randomUUID(). We should investigate use of SecureRandom for the random salt.
Switched to SecureRandom. Fixed in changeset: http://hg.netbeans.org/core-main/rev/482c6e99c9a1
Integrated into 'main-golden', will be available in build *201211090001* on http://bits.netbeans.org/dev/nightly/ (upload may still be in progress) Changeset: http://hg.netbeans.org/main-golden/rev/482c6e99c9a1 User: Libor Fischmeistr <lfischmeistr@netbeans.org> Log: #218784: Investigate use of SecureRandom instead of randomUUID