Home
Welcome to Password4j - the open source Java package that keeps safe user passwords.
This wiki is the main source of documentation for developers working with (or contributing to) the Password4j project.
In every application that stores personal sensitive data, the protection of user passwords is fundamental. Choosing the right algorithm to hash the passwords is just the first step: modern algorithms must be properly configured in order to prevent timing attacks.
Password4j is a Java library that meets the developers' needs and helps them to
- hash properly the passwords without any deep knowledge of the underlying algorithm's logic
- verify the provided passwords
- update the existing hash with a more secure algorithm or with the same algorithm but with a different configuration
- choose the most effective configuration for an algorithm in order to prevent timing attacks
