You have no excuse NOT to encrypt the passwords of your users

If you’re using Hibernate and you have a website with passwords, there’s a fantastic library called Jasypt to help you seamlessly encrypt your users’ passwords.

First add the following to your pom.xml:


Then take your entity and add the following definitions:

import ...

@TypeDef(
  name = "encryptedString",
  typeClass = EncryptedStringType.class,
  parameters = {
    @Parameter(name = "encryptorRegisteredName", value = "strongHibernateStringEncryptor")
  }
)
@Entity
@Table(name = "USERS")
public class User implements Serializable {
  private Long id;
  private String username;
  private String password;


  // Encrypted on write and decrypted on read by the registered Jasypt encryptor
  @Type(type = "encryptedString")
  @Column(name = "PASSWD", nullable = false)
  public String getPassword() {
    return password;
  }
}

You need to define your encryptor, which will take care of encrypting/decrypting your password.
Since you’re probably using Spring, it’s easy: just add the definition to your ApplicationContext.xml:

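  <bean id="strongEncryptor" class="org.jasypt.encryption.pbe.PooledPBEStringEncryptor">
    <property name="algorithm"><value>...</value></property>
    <property name="password">
      <!-- Put whatever you want, it must be unique and strong -->
      <value>...</value>
    </property>
    <property name="poolSize">
      <!-- to be optimal, put the number of cores of your processor -->
      <value>...</value>
    </property>
  </bean>

  <bean id="hibernateStringEncryptor" class="org.jasypt.hibernate.encryptor.HibernatePBEStringEncryptor">
    <!-- must match the encryptorRegisteredName parameter on the entity -->
    <property name="registeredName"><value>strongHibernateStringEncryptor</value></property>
    <property name="encryptor">
      <ref bean="strongEncryptor"/>
    </property>
  </bean>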

And that’s basically it! WOW, so easy… When you think that many websites are still using UNENCRYPTED passwords, it’s almost a crime.
I didn’t do advanced stuff with Jasypt, but if you’re not using Hibernate or annotations, you can also use it, go to That’s a cool library.
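
An added example, not from the original post: the same pooled encryptor built in plain Java, without Hibernate or Spring, showing what ends up in the PASSWD column and how a login check has to work against it. The algorithm name and the APP_ENCRYPTOR_KEY environment variable are assumptions, since the post's own values are not on the page.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;

public class EncryptorDemo {

    // Same settings as the strongEncryptor bean, set from code instead of Spring XML.
    static PooledPBEStringEncryptor buildEncryptor(String key) {
        PooledPBEStringEncryptor enc = new PooledPBEStringEncryptor();
        enc.setAlgorithm("PBEWithMD5AndTripleDES"); // assumption: the page's value is missing
        enc.setPassword(key);
        enc.setPoolSize(Runtime.getRuntime().availableProcessors()); // one per core
        return enc;
    }

    // The stored value cannot be compared with a freshly encrypted candidate,
    // so decrypt it and compare the bytes in constant time.
    static boolean matches(PooledPBEStringEncryptor enc, String stored, String candidate) {
        byte[] a = enc.decrypt(stored).getBytes(StandardCharsets.UTF_8);
        byte[] b = candidate.getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(a, b);
    }

    public static void main(String[] args) {
        // Hypothetical variable name; keeps the key out of source control.
        String key = System.getenv("APP_ENCRYPTOR_KEY");
        if (key == null || key.isEmpty()) {
            throw new IllegalStateException("set APP_ENCRYPTOR_KEY first");
        }
        PooledPBEStringEncryptor enc = buildEncryptor(key);

        String plain = "correct horse battery staple"; // constructed sample value
        String stored1 = enc.encrypt(plain); // what lands in USERS.PASSWD
        String stored2 = enc.encrypt(plain);

        // A random salt per call means two different Base64 strings,
        // so a WHERE PASSWD = ? lookup on the column will not match.
        System.out.println("ciphertexts differ: " + !stored1.equals(stored2));
        System.out.println("right password:     " + matches(enc, stored1, plain));
        System.out.println("wrong password:     " + matches(enc, stored1, "guess"));
        // Anyone holding the key can recover the original value.
        System.out.println("decrypted:          " + enc.decrypt(stored2));
    }
}
```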

