Password Hashing in Java

At work I recently found myself having to store passwords in a database. Since I am relatively new to the world of Java, I spent some time Googling around for something that would fit the bill. While Bouncy Castle is what first came to mind, I found something else quite interesting. jBCrypt is a project that aims to provide a simple interface to Blowfish password hashing.

(For those who haven't come across it before, "hashing" is like one-way encryption. If you need to keep user passwords around, you can store only the hash. Since it's one-way, the idea is that even if someone manages to get ahold of the password database, it will be useless since they won't be able to garner the original password.)

Comments

Popular posts from this blog

Monitoring with statsd and CloudWatch

Xen, "hwcap 0 nosegneg", and -mno-tls-direct-seg-refs

A Grand Adventure: compiling transmission on my home router