Exercises

  • Exercise 7-1. Write a PasswordManager class that associates usernames with passwords and has methods for creating and deleting username/password pairs, changing the password associated with a username, and authenticating a user by verifying a supplied password. PasswordManager should store the usernames and passwords in a file (or in a database if you’ve already read Chapter 18).

    Note, however, that the class should not store the passwords as plain text, as that would allow an intruder who broke into the PasswordManager system to obtain full access to all passwords. To prevent this, it is common to store passwords only after passing them through a one-way function. Message digests, such as those used in Example 7-4, provide exactly this kind of one-way function. Computing a message digest for a password is relatively easy, but going in the opposite direction (from digest to password) is very difficult or impossible.

    Design the PasswordManager class so that instead of storing the actual password, it stores only a message digest of the password. To verify a user’s password, your class should compute a digest for the supplied password and compare it to the stored digest. If the digests match, you can assume that the passwords also match. (There is actually an infinitesimally small chance that two different passwords will produce the same message digest, but you can disregard this possibility.)

  • Exercise 7-2. Write a network service and client that allow a user to change her current password that ...
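For Exercise 7-1, an added example (not code from the book) of the check it describes: store only a digest, then digest the supplied password and compare. It goes beyond the exercise text by mixing a random per-user salt into each SHA-256 digest, so identical passwords do not produce identical stored values, and by comparing with the constant-time `MessageDigest.isEqual`. The class name `DigestStore`, the in-memory map standing in for the file, and the sample credentials are assumptions; the record syntax needs Java 16 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;

// Added illustration: DigestStore and Entry are hypothetical names, not from the book.
public class DigestStore {
    // What would be persisted per user: salt and digest, never the password.
    private record Entry(byte[] salt, byte[] digest) {}

    private final Map<String, Entry> users = new HashMap<>();
    private final SecureRandom random = new SecureRandom();

    // digest = SHA-256(salt || UTF-8(password))
    private static byte[] digest(byte[] salt, char[] password) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            md.update(salt);
            md.update(new String(password).getBytes(StandardCharsets.UTF_8));
            return md.digest();
        } catch (NoSuchAlgorithmException e) {
            // SHA-256 is a required algorithm on every Java platform.
            throw new IllegalStateException(e);
        }
    }

    // Creates the pair or changes the password; a fresh salt is drawn each time.
    public void setPassword(String user, char[] password) {
        byte[] salt = new byte[16];
        random.nextBytes(salt);
        users.put(user, new Entry(salt, digest(salt, password)));
    }

    // Recomputes the digest with the stored salt and compares the two digests.
    public boolean authenticate(String user, char[] password) {
        Entry e = users.get(user);
        if (e == null) return false; // unknown username
        return MessageDigest.isEqual(e.digest(), digest(e.salt(), password));
    }

    public static void main(String[] args) {
        DigestStore store = new DigestStore();
        store.setPassword("alice", "correct horse".toCharArray()); // constructed sample
        System.out.println(store.authenticate("alice", "correct horse".toCharArray()));
        System.out.println(store.authenticate("alice", "wrong".toCharArray()));
        System.out.println(store.authenticate("bob", "correct horse".toCharArray()));
    }
}
```

A single fast digest is cheap to brute-force once the file is stolen; deployed systems replace `digest()` with a deliberately slow derivation such as the JDK's `PBKDF2WithHmacSHA256`.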
