salt

I have got an simple application made in which I am able to register users and authenticate them. I've got the passwords encoded using and successfully able to authenticate them. I am using Spring 3, Spring Security 3 and Hibernate 3 in my application. Now I want to salt their passwords with the ID of the user but I am not able to achieve this functionality. Could someone help me achieve it? I've been trying to do it for quite some time but ain't able to get it done. Here is the code I've got for salting users with their ID and authenticating them. xyz-security.xml <http auto-config="true" use

I have a database of hashed passwords that had no salt added before they were hashed. I want to add salt to new passwords. Obviously I can't re-hash the existing ones. How would you migrate to a new hashing system? Sure you can. Just add a salt to the existing hash and hash it again. Of course this will require any future logins to go through the same process meaning two hash functions will need to be called but lots of legitimate patterns do this anyway so it doesn't smell as bad as you might think. Salting a password is an effort to defend against rainbow tables. In this case the salt does

Below is my encryption logic. Although my IV is 16bytes long, I still get an error with invalid IV length. Would appreciate any help @Override public String encrypt(String dataToEncrypt, String IV) throws Exception{ if(encryptionKey.length() < 10){ encryptionKey = generateEncryptionKey().toString(); } System.out.println("number of IV bytes is "+IV.length()+" "+IV); Cipher cipher = Cipher.getInstance(encrpytionAlgo); SecretKey key = new SecretKeySpec(encryptionKey.getBytes(Charset.forName("UTF-8")), "AES"); cipher.init(Cipher.ENCRYPT_MODE, key,new IvParameterSpec(IV.getBytes(Charset.forName(