Why getText() in JPasswordField was deprecated?
Solution 1:
When calling getText
you get a String (immutable object) that may not be changed (except reflection) and so the password stays in the memory until garbage collected.
When calling getPassword
you get a char array that may be modified, so the password will really not stay in memory.
Solution 2:
Try this :
String myPass=String.valueOf(passwordField.getPassword());
Solution 3:
The reason for this is that if you ask for the password as a String rather than as a character array, this string containing the password is now going to float around in the Java runtime's memory for some unspecified amount of time. It may be conceivably read from there by a rogue Java component or external program.
By using a char array instead, you can verify the password and then scramble it immediately.