1
I wonder if jBCrypt is outdated because it has not updated for two years
https://github.com/josephw/jBCrypt
If so, there would be a replacement for hashing and Salts for java?
1 answer
3
jBCrypt is simply an algorithm implementation bcrypt, so that if:
- There is no bug in this implementation (there is no bug report); and:
- No vulnerability has been discovered in this algorithm (it was not).
So you could say he’s still safe.
The fact that it has not been updated for two years does not mean anything in this case, only that the system has been completed, fulfills its purpose well, and there is nothing more to be done. It would be interesting if he were peer reviewed by people with experience in cryptographic systems, but in the absence of this, we have only the fact that there was no evidence of any problems...
As for alternatives, I don’t know specific implementations, but the bcrypt algorithm is one of the most recommended (the others being PBKDF2 and scrypt). Behold that related question for more details on these algorithms (and the hash process in general).
Browser other questions tagged java hash bcrypt
You are not signed in. Login or sign up in order to post.