Can anyone pass me some material with the safest way to do system security?
I want to put this in the user registry in my JSF project with Primefaces 5.1 for when it is registered to save the password already encrypted in the database.
Can anyone pass me some material with the safest way to do system security?
I want to put this in the user registry in my JSF project with Primefaces 5.1 for when it is registered to save the password already encrypted in the database.
You can use the Bcrypt lib.
// criptografando
password = BCrypt.hashpw(password, BCrypt.gensalt());
// verificando se são a mesma senha
BCrypt.checkpw(password, userCheck.getPassword(); // retorna true/false
Currently I use it in my java projects, quite safe, a detail is that in no way you can decrypt the password. You can only compare a String with an already encrypted password