While there are many reasons to use the 'final' keyword in Java, one of the ones I keep hearing over and over again is that it makes your code more secure. While this seems to make sense in this trivial case:
public class Password
{
public final String passwordHash;
...
}
With the final keyword, you would expect that no malicious code would be able to change the variable passwordHash. However, using reflection it is possible to change the final modifier on the passwordHash field.
So does 'final' provide any real security, or is it just placebo?
Edit: There is some really interesting discussion, and I wish I could accept more than one answer. Thanks everyone for your input.
It's not 'security' in the sense of 'withstanding an attack'; it's more like 'harder to mess up by mistake'.
I prefer the word 'safety' as I feel it's more like preventing an accident, not malice.