Usage of Password4j

Password4j uses 3 verbs:

hash in order to hash a plain text password
check in order to check and hash against a plain text password
update in order to update an hash after it is checked.

A possible statement is

Hash hash = Password.hash(plaintTextPassword)
                    .addNewRandomSalt()
                    .addPepper(somePepper)
                    .withSCrypt();

which hashes a plainTextPassword with scrypt prepending somePepper and adding a randomly generated salt.

Aside from indentation, this is just a one line of Java code!

For more information about Password4j statements, see here.

The Hash object

An object of type Hash is always returned when you use the hash verb. For example:

Hash hash = Password.hash(plainTextPassword)...

It always contains:

Attribute	Example
The computed hash as `String`	`hash.getResult()`
The computed hash as `byte[]`	`hash.getBytes()`
The salt used during the computation as `String`	`hash.getSalt()`
The pepper used for the computation as `CharSequence`	`hash.getPepper()`
A singleton instance of the `HashingFunction` used for the computation	`hash.getHashingFunction()`

The HashUpdate object

An object of type HashUpdate is always returned when you use the update verb. For example:

HashUpdate update = Password.check(hash, plainTextPassword)...andUpdate()...

It always contains:

Attribute	Example
A `boolean` which tells if the check is passed.	`update.isVerified()`
An `Hash` object containing the information of the refreshed hash. If the check has not passed, this is `null`.	`update.getHash()`

Created by David Bertoldi with 🗿

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Usage of Password4j

The Hash object

The HashUpdate object

Clone this wiki locally