One issue that I have with scrypt and bcrypt for java is that there is no "offic... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jontro on June 6, 2012 \| parent \| context \| favorite \| on: Storing Passwords Securely One issue that I have with scrypt and bcrypt for java is that there is no "official" support for the algorithms in java. When looking at jBCrypt for instance, they're only at version 0.3 with no updates since 2010, makes me really nervous of using it.

tptacek on June 6, 2012 [–]

How many bugfixes do you think a hash function needs? Just use jBCrypt.

cpt1138 on June 6, 2012 | [–]

If you try to use the spec'ed 32 rounds the code borks. I fixed it in my own version of jBCrypt.

lhnn on June 7, 2012 | | [–]

Supply your version to the jbcrypt website, or host it! If you want to put it up for FOSS.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact