I would like to know if jBCrypt is out of date because it has not updated for two years
If yes, would you have any replacement for hashs and salts for java?
I would like to know if jBCrypt is out of date because it has not updated for two years
If yes, would you have any replacement for hashs and salts for java?
jBCrypt is simply an implementation of the algorithm bcrypt , so that:
So you can say that it's still safe.
The fact that it has not been updated for two years means nothing in this case, only that the system has been completed, fulfills its purpose, and there is nothing else to do. It would be interesting that it was peer reviewed by people with experience in cryptographic systems, but in the absence of that, we have only the fact that there was no evidence of any problems ...
As for alternatives, I do not know any specific implementations, but the bcrypt algorithm is one of the most recommended (the others being PBKDF2 and scrypt ). See this related question for more details on these algorithms (and the hash process in general).