What are some things wrong (not best practices) with the all…

What are some things wrong (not best practices) with the allowLogin method below (select all correct answer(s) and no incorrect answer(s) to get credit): static boolean allowLogin(String user, String pwd) { boolean loggedIn = true; try { String realPwd = GetRealPwdFromDb(user); if (!pwd.equals(realPwd)) { loggedIn = false; } } catch (Exception e) { // This cannot happen, ignore } return loggedIn; } static String GetRealPwdFromDb(String user) { // returns the real password associated with user }