
How to hash a password with SHA-512 in Java?

I've been investigating a bit about Java String encryption techniques and unfortunately I haven't found any good tutorial on how to hash a String with SHA-512 in Java; I read a few blogs about MD5 and Base64, but they are not as secure as I'd like (actually, Base64 is not an encryption technique), so I prefer SHA-512.

stack man asked Oct 12 '15 16:10



2 Answers

You can use this for SHA-512 (not a good choice for password hashing).

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public String get_SHA_512_SecurePassword(String passwordToHash, String salt){
    String generatedPassword = null;
    try {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        // Feed the salt first, then the password: digest = SHA-512(salt || password)
        md.update(salt.getBytes(StandardCharsets.UTF_8));
        byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8));
        // Render each byte as two lowercase hex digits
        StringBuilder sb = new StringBuilder();
        for(int i=0; i< bytes.length ;i++){
            sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
        }
        generatedPassword = sb.toString();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    return generatedPassword;
}
A. Sinha answered Oct 08 '22 18:10


Please stop using hash functions to encode passwords! They do not provide the protection you need. Instead, you should be using an algorithm like PBKDF2, bcrypt, or scrypt.

References:

  • http://blog.tjll.net/please-stop-hashing-passwords/
  • http://security.blogoverflow.com/2011/11/why-passwords-should-be-hashed/
  • https://crackstation.net/hashing-security.htm
  • http://www.sitepoint.com/risks-challenges-password-hashing/
  • http://security.blogoverflow.com/2013/09/about-secure-password-hashing/
TheGreatContini answered Oct 08 '22 18:10