java - How do i encrypt password in three layers , SHA1, base64 encode and salt -
i want encrypt , decrypt password high security . first, string password converted sha1 , want add base64 encode , lastly add salt it.
is doable in java?
i have sample code encode in base64 , sha1 not sure how combine them all.
here snippet:
string password = "password"; base64encoder encoder = new base64encoder(); encryptedpassword = encoder.encode(password.getbytes());
using sha1:
messagedigest md = messagedigest.getinstance("sha-1"); md.reset(); md.update(password.getbytes()); system.out.println(new string(md.digest()));
please suggest .
these things have think of when playing around salts:
- generate long random salt using csprng.
- prepend salt password , hash standard cryptographic hash function such sha256.
you need append generated salt (generated cryptographically secure pseudo-random number generator) password , hash sha-1.
since sha-1 hash algorithm, can't decode it. if need encrypt password, may read aes or rsa
i suggest reading article, salted password hashing - doing right, part the right way: how hash properly, if still want hash password properly.
Comments
Post a Comment