Securing Java Code: Part 2
Sensitive information refers mainly to passwords, algorithms, and cryptographic keys, but could mean any sort of information a product uses that is not intended for an end user to see. Ideally, this kind of data should never be hard-coded, or put into permanent memory, which can be difficult, because some of Java's other security features, such as automatic garbage collection.
The link for this article located at EarthWeb is no longer available.