How to correctly encode password using ShaPasswordEncoder?
I want to encode a password using ShaPasswordEncoder in my Spring app.
ShaPasswordEncoder sha = new ShaPasswordEncoder(256);
sha.setIterations(1000);
String hash = sha.encodePassword(password, salt);
But I don't what I should put to salt param. Can it be a static phrase
(e.g. sT4t1cPhr453), or dynamic string different for every user (e.g.
username or user ID)?
No comments:
Post a Comment