Home > Enterprise >  Best way for spring boot password encryption not using BCryptPasswordEncoder?
Best way for spring boot password encryption not using BCryptPasswordEncoder?

Time:10-04

How can i encrypt user login password apart from BCryptPasswordEncoder. Suppose I'm not using this dependency.

     <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
     </dependency>

CodePudding user response:

BCryptPasswordEncoder is just another encoder. Spring provides implementations of many such encoders. You can use implementations of different one way hash algorithms like SHA-256, SHA-512 etc. Java provides implementations of the same in java.security package. Check java.security.MessageDigest class.
One advantage of using BCryptPasswordEncoder like encoders is that you do not need to generate random password salt yourself. It takes care of it and uses random salt implicitly and that's why generates different encoded string every time for the same Plain text.

CodePudding user response:

If you don't want to use that library then another option to use is base64 encoder or to use encrypters.
https://docs.spring.io/spring-security/site/docs/5.0.x/reference/html/crypto.html#spring-security-crypto-encryption-text
But I would recommend spring-boot-starter-security dependency, as it has other password encoders too.
You can check below link
https://docs.spring.io/spring-security/reference/features/authentication/password-storage.html#authentication-password-storage
I hope you got your answer.

Page link:https//www.codepudding.com/Enterprise/564785.html

Prev:how to send SystemExit message to server
Next:Opportunity to catch, log, and rethrow exception when an exception occurs in kafka listener containe
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding