GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → qaware → heimdall

qaware / heimdall

Licence: MIT License
Secure Password Storage

Programming Languages

java
68154 projects - #9 most used programming language

Labels

securityalgorithmhashpbkdf2heimdall

Projects that are alternatives of or similar to heimdall

phc-crypto
Hashing algorithms simplified (supports Argon2, Bcrypt, Scrypt, and PBKDF2)
Stars: ✭ 22 (-42.11%)
Mutual labels:  hash, pbkdf2
noble-hashes
Audited & minimal JS implementation of SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2 & Scrypt
Stars: ✭ 213 (+460.53%)
Mutual labels:  hash, pbkdf2
password-dart
A set of high-level APIs over PointyCastle and CryptoUtils to hash and verify passwords securely.
Stars: ✭ 40 (+5.26%)
Mutual labels:  hash, pbkdf2
hash-wasm
Lightning fast hash functions using hand-tuned WebAssembly binaries
Stars: ✭ 382 (+905.26%)
Mutual labels:  hash, pbkdf2
crypthash-net
CryptHash.NET is a .NET multi-target library to encrypt/decrypt/hash/encode/decode strings and files, with an optional .NET Core multiplatform console utility.
Stars: ✭ 33 (-13.16%)
Mutual labels:  hash
Valour
An open source chat client for freedom
Stars: ✭ 52 (+36.84%)
Mutual labels:  hash
hash
Data management, integration and modeling with blocks #
Stars: ✭ 400 (+952.63%)
Mutual labels:  hash
agent
hashtopolis.org
Stars: ✭ 19 (-50%)
Mutual labels:  hash
bcrypt
Swift implementation of the BCrypt password hashing function
Stars: ✭ 30 (-21.05%)
Mutual labels:  hash
awesome-identicons
A curated list of "Visual Hashs" (Identicon, Avatar, Fractal, RandomArt and general Hash Visualization)
Stars: ✭ 156 (+310.53%)
Mutual labels:  hash
komihash
Very fast, high-quality hash function (non-cryptographic, C) + PRNG
Stars: ✭ 68 (+78.95%)
Mutual labels:  hash
jscrypto
Crypto library for Node/ES6/Typescript/Browser.
Stars: ✭ 20 (-47.37%)
Mutual labels:  hash
lthash
A homomorphic hash function
Stars: ✭ 61 (+60.53%)
Mutual labels:  hash
bromberg sl2
Cayley hashing as in "Navigating in the Cayley Graph of SL₂(𝔽ₚ)"
Stars: ✭ 32 (-15.79%)
Mutual labels:  hash
php-ntlm
Message encoder/decoder and password hasher for the NTLM authentication protocol
Stars: ✭ 14 (-63.16%)
Mutual labels:  hash
cdnupload
Upload your site's static files to a directory or CDN, using content-based hashing
Stars: ✭ 41 (+7.89%)
Mutual labels:  hash
pthash
Fast and compact minimal perfect hash functions in C++.
Stars: ✭ 62 (+63.16%)
Mutual labels:  hash
Bitcoin-wallet-cracker
Automated Bitcoin wallet generator that with mnemonic and passphrases bruteforces wallet addresses
Stars: ✭ 140 (+268.42%)
Mutual labels:  pbkdf2
JSum
Consistent checksum calculation of JSON objects.
Stars: ✭ 64 (+68.42%)
Mutual labels:  hash
phpass-starter
A starter project for Phpass.
Stars: ✭ 24 (-36.84%)
Mutual labels:  hash
View All Similar Projects ➔

Heimdall Logo

Heimdall - Secure Password Hashing

Build Status License Download

This library implements a secure and upgradeable password hashing mechanism. See this blog post for details.

Why not just use PBKDF2, scrypt, bcrypt, etc.?

Actually, this library uses (some of) these algorithms. But it makes it easier for you: no need to worry about iterations, salt generation and the same. And if a flaw is discovered in one of the algorithms, the library makes sure that the hashes in your database are automatically updated to a secure format (provided you use the pattern as shown in the usage block down below).

Usage

Dependencies

The JARs are available via JCenter and Maven Central. If you are using Maven to build your project, add the following to the pom.xml file:

<dependencies>
    <dependency>
        <groupId>de.qaware.heimdall</groupId>
        <artifactId>heimdall</artifactId>
        <version>$LATEST_VERSION</version>
    </dependency>
</dependencies>

In case you are using Gradle to build your project, add the following to the build.gradle file:

repositories {
    jcenter()    
    mavenCentral()
}

dependencies {
	compile 'de.qaware.heimdall:heimdall:$LATEST_VERSION'
}

Replace $LATEST_VERSION with the version from this badge:

Download

Create a hash

Password password = PasswordFactory.create();

try(SecureCharArray cleartext = new SecureCharArray(...)) { // Read cleartext password from user
    String hash = password.hash(cleartext);
    // Persist the hash in a database etc...
}

Verify the hash

Password password = PasswordFactory.create();

String hash = ... // Load hash from persistent storage
try(SecureCharArray cleartext = new SecureCharArray(...)) { // Read cleartext password from user
    if (password.verify(cleartext, hash)) {
        if (password.needsRehash(hash)) { // Check if the hash uses an old hash algorithm, insecure parameters, etc.
            String newHash = password.hash(cleartext);
            // Persist the new hash in a database etc...
        }

        // Password is correct, proceed...
    } else {
        // Password is incorrect
    }
}

Changes

Looking for a change log?

Technical details

By default this library uses the PBKDF2 SHA-1 HMAC (PBKDF2WithHmacSHA1) with 20000 iterations and 192 bit (24 byte) of salt.

Useful resources

Maintainer

Moritz Kammerer (@phxql), [email protected]

Contributors

See the list of contributors.

License

This software is provided under the MIT open source license, read the LICENSE.txt file for details.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].