Creating user authentication for web application

I am creating my first web application and want to setup a user authentication scheme though which users can be authenticated and their data c开发者_C百科an be recognized by the database.

For example, for registration/login , their email/ password.

How do I create a robust password, what is that most web applications do?

I am using Java and MySQL

Thank you

Have a look here: http://www.javaworld.com/javaworld/jw-04-2000/jw-0428-websecurity.html, it covers it pretty well. That said, are you using a web framework of any kind? If you're doing anything intended to be a production site you might find Spring & other frameworks solve a lot of well-known problems for you.

** Update: Since you're using the Play! framework, just use their built-in auth unless you have special requirements that it doesn't match. http://www.playframework.org/documentation/1.2.1/guide8