I had a thought that it would be more secure to pass password data around in VFS as byte arrays instead of String objects so they could less easily be found by memory dumpers/scanners. This would apply (for instance) to GenericFileName constructor and access methods, etc. Obviously, at some point, you have to convert to String (like in "GenericFileName.appendCredentials"), but it seems like at least some level of obfuscation, as in storing the data as bytes might be useful to increase security.
Thoughts? Thanks. ~Roger Whitcomb Apache Pivot PMC Chair
