Password4j is a Java fluent cryptographic library for encrypting and checking passwords with different Key derivation functions (KDFs) and Cryptographic hash functions (CHFs).

You can encrypt passwords with

Use Password4j when you need to

What is hashing

Hashing is the process of generating a string, or hash or digest, from a given message using a function known as a Cryptographic hash function. Cryptographic hash functions have many properties:

Also, though, password hashing functions must be slow. A fast algorithm would aid brute force attacks in which a hacker will attempt to guess a password by hashing and comparing billions (or trillions) of potential passwords per second.

What algorithm to choose

This is not a security advice, but here some hints:

Upgrade now your project!

JCA compliancy

Yes! The side project Password4j-JCA extends the Java Cryptography Architecture so that you can use all the algorithms provided by Password4j. Because of the nature of the Security Providers, this library is compatible with Java 9 and up.

Give it a try!