The Crypto module
The Spring Security Crypto module allows you to do password encoding, symmetric encryption, and key generation. The module is bundled as part of the core Spring Security offering with no dependency upon other Spring Security code.
Password encoding
Modernized password encoding is one of the new features of Spring Security 5. Spring Security's PasswordEncoder interface is central to it and does one-way hashing of passwords using various algorithms, which can then be stored securely. Spring Security supports a number of password-encoding algorithms:
BcryptPasswordEncoder: This uses the Bcrypt strong hash function. You can optionally supply the strength parameter (default value is 10); the higher the value, the more work has to be done to hash the password.Pbkdf2PasswordEncoder: This uses Password-Based Key Derivation Function 2 (PKDF2) with a configurable number of iterations and an 8-byte random salt value.ScryptPasswordEncoder: This uses the Scrypt hashing function. While...
