Which of the following is a built-in password encoder provided by Spring Security?
A) BCryptPasswordEncoder
B) SHA256PasswordEncoder
C) MD5PasswordEncoder
D) RSAEncoder
Answer:
A) BCryptPasswordEncoder
Explanation:
Spring Security provides the BCryptPasswordEncoder
as a built-in password encoder, which is widely used for securely hashing passwords. BCrypt is a strong, adaptive hashing algorithm designed to be computationally intensive, making it difficult for attackers to crack hashed passwords using brute force attacks.
When you use BCryptPasswordEncoder
to encode passwords, Spring Security automatically salts the passwords before hashing, adding an extra layer of security. This makes it more secure than older, less computationally expensive hashing algorithms like MD5 or SHA.
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String hashedPassword = passwordEncoder.encode("myPassword");