In Java, message digest is represented by “java.security.MessageDigest class”.
All main classes in java.security package are instantiated using the factory method “getInstance()”.
This method takes the String parameter, which is the name of the algorithm used to calculate message digest. There are three algorithms supported by the default JDK security provider:
Here’s the sample code for calculating the message digest of the password (assuming that the variable pwd contains password text):
MessageDigest md5 = MessageDigest.getInstance("MD5");byte pwdBytes = pwd.getBytes("latin1");md5.update(pwdBytes);byte msgDigestBytes = md5.digest();
You can store this in the database, and the next time a user logs in, you can calculate the message digest of that password and compare it to bytes in the database. Plus, the password text is not exposed in the database table.