-
Class Summary
| Class |
Description |
| BCrypt |
BCrypt implements OpenBSD-style Blowfish password hashing using
the scheme described in "A Future-Adaptable Password Scheme" by
Niels Provos and David Mazieres.
|
Package org.mindrot.jbcrypt Description
BCrypt implementation for password hashing and verification.
This package provides a Java implementation of the BCrypt password hashing algorithm,
which is a strong, adaptive password hashing function designed for secure password storage.
BCrypt incorporates a salt to protect against rainbow table attacks and includes
a work factor to make brute force attacks computationally expensive.
Key Components
BCrypt - Main BCrypt implementation class
Main Features
- Strong password hashing using the Blowfish cipher
- Automatic salt generation and management
- Configurable work factor for computational difficulty
- Password verification against stored hashes
- Thread-safe implementation
Usage
// Hash a password
String hashed = BCrypt.hashpw(password, BCrypt.gensalt());
// Verify a password
boolean matches = BCrypt.checkpw(candidate, hashed);
Security Notes
- Work factor should be tuned based on current hardware capabilities
- Higher work factors provide better security but require more computation time
- Suitable for password storage in authentication systems