You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for your blog and example on spring boot / jwt.
I notice that you use "$2a$10$bnC26zz//2cavYoSCrlHdecWF8tkGfPodlHcYwlACBBwJvcEf0p2G" as password instead of "test1234". Is this encoded code for "test1234"? Could you explain why do we need encoded code here? How could we get it?
Thanks,
Jessica
The text was updated successfully, but these errors were encountered:
A little late, but I hope this can help someone else.
Typically the back end of an authentication mechanism stores hashed passwords, in this case "$2a$10$bnC26zz//2cavYoSCrlHdecWF8tkGfPodlHcYwlACBBwJvcEf0p2G" is the hash of the password "test1243". It uses the BCrypt hashing function, and if you look at the PasswordEncoderConfig class it uses an instance of BCryptPasswordEncoder, for which the default strength = 10.
You can verify this by going to an online BCrypt encoder such as this one and use 10 for the number of rounds. Note that for BCrypt, each time, a different hash value of length 60 is generated.
Hello Valdimir,
Thanks for your blog and example on spring boot / jwt.
I notice that you use "$2a$10$bnC26zz//2cavYoSCrlHdecWF8tkGfPodlHcYwlACBBwJvcEf0p2G" as password instead of "test1234". Is this encoded code for "test1234"? Could you explain why do we need encoded code here? How could we get it?
Thanks,
Jessica
The text was updated successfully, but these errors were encountered: