spring-shell

Consider using Console for secure inputs

Open ghillert opened this issue 6 years ago • 0 comments

Currently we use the InputStreamReader. Console provides readPassword(). Also, in certain situations, e.g. in Eclipse, the password will be shown nevertheless, despite setting echo to false:

userInput.prompt("Proxy Server Password", "", false);

Using Console, we can test whether the console is available, and we can at least provide a warning to the user in case the Console is unavailable:

Console console = System.console();
if (console == null) {
    System.out.println("WARNING - Passwords are shown!");
    return new Scanner(System.in).next();
}
...

ghillert, Feb 11 '19 10:02
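
An added example, not part of the original issue or of spring-shell's code: one way to combine the `Console.readPassword()` path with the warning fallback the issue proposes. The class name `SecureInput` and method `readSecret` are hypothetical; the sketch assumes the caller can work with a `char[]` and wipes it after use.

```java
import java.io.BufferedReader;
import java.io.Console;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Arrays;

// Hypothetical helper for illustration; not a spring-shell class.
public final class SecureInput {

    /** Reads a secret without echo when a Console exists; warns and falls back otherwise. */
    static char[] readSecret(String label) throws IOException {
        Console console = System.console();
        if (console != null) {
            // readPassword() disables echo and returns a char[] (null on end of stream),
            // so the secret never has to live in an immutable String.
            char[] secret = console.readPassword("%s: ", label);
            return secret != null ? secret : new char[0];
        }

        // No Console (e.g. launched from an IDE or with redirected stdin):
        // echo cannot be suppressed, so tell the user before they type.
        System.err.println("WARNING - Passwords are shown!");
        System.err.print(label + ": ");
        System.err.flush();

        // Read the whole line so that secrets containing spaces are kept intact.
        BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
        String line = in.readLine();
        return line != null ? line.toCharArray() : new char[0];
    }

    public static void main(String[] args) throws IOException {
        char[] password = readSecret("Proxy Server Password");
        try {
            // Use the secret here; only its length is printed in this demo.
            System.out.println("Read " + password.length + " characters.");
        } finally {
            // Overwrite the buffer so the secret does not linger on the heap.
            Arrays.fill(password, '\0');
        }
    }
}
```

The warning goes to `System.err` so it stays visible when standard output is piped to a file or another process.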