How to hash a password with SHA-512 in Java?

java security passwords hash sha512

Solution 1:

you can use this for SHA-512 (Not a good choice for password hashing).

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public String get_SHA_512_SecurePassword(String passwordToHash, String salt){
    String generatedPassword = null;
    try {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        md.update(salt.getBytes(StandardCharsets.UTF_8));
        byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        for(int i=0; i< bytes.length ;i++){
            sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
        }
        generatedPassword = sb.toString();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    return generatedPassword;
}

Solution 2:

Please stop using hash functions to encode passwords! They do not provide the protection you need. Instead, you should be using an algorithm like PBKDF2, bcrypt, or scrypt.

References:

  • http://blog.tjll.net/please-stop-hashing-passwords/
  • http://security.blogoverflow.com/2011/11/why-passwords-should-be-hashed/
  • https://crackstation.net/hashing-security.htm
  • http://www.sitepoint.com/risks-challenges-password-hashing/
  • http://security.blogoverflow.com/2013/09/about-secure-password-hashing/

Related

What are Earth Gemstones for?
Missing portal from mission
Can the split screen in Mario Kart 8 be removed?
Possible to show console messages (written with `message`) in a shiny ui?
Bloodborne locked door in cathedral ward
Why am I wielding shoes instead of a bow?
What are these glowing orbs?
HTML5 Notification not working in Mobile Chrome
How can I be sure of the file encoding?
What's the best way to write Mathematical Equations on the Web?
Anonymous Type vs Dynamic Type
How to create android project with gradle from command line?