diff --git a/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCrypt.java b/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCrypt.java
index 1b545e59771..1fc4fe7a169 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCrypt.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCrypt.java
@@ -62,7 +62,7 @@ public class BCrypt {
 // BCrypt parameters
- private static final int GENSALT_DEFAULT_LOG2_ROUNDS = 10;
+ public static final int GENSALT_DEFAULT_LOG2_ROUNDS = 12;
 private static final int BCRYPT_SALT_LEN = 16;
diff --git a/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.java
index d17511b0338..8329ec4d2f2 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.java
@@ -29,7 +29,8 @@
 * Implementation of PasswordEncoder that uses the BCrypt strong hashing function. Clients
 * can optionally supply a "version" ($2a, $2b, $2y) and a "strength" (a.k.a. log rounds
 * in BCrypt) and a SecureRandom instance. The larger the strength parameter the more work
- * will have to be done (exponentially) to hash the passwords. The default value is 10.
+ * will have to be done (exponentially) to hash the passwords. The default value is
+ * {@value BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS}.
 *
 * @author Dave Syer
 */
@@ -97,7 +98,7 @@ public BCryptPasswordEncoder(BCryptVersion version, int strength, SecureRandom r
 throw new IllegalArgumentException("Bad strength");
 }
 this.version = version;
- this.strength = (strength == -1) ? 10 : strength;
+ this.strength = (strength == -1) ? BCrypt.GENSALT_DEFAULT_LOG2_ROUNDS : strength;
 this.random = random;
 }
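Review bot: `GENSALT_DEFAULT_LOG2_ROUNDS` becomes public API in this hunk but carries no Javadoc, so the meaning of the value and the consequence of changing it are undocumented at the very point where callers will now read it. I would add `/** Default log2 cost (work factor) applied when no strength is given; each increment doubles the time to hash and verify a password. */` above the field. Raising the default from 10 to 12 also quadruples the work for every caller that relies on the default, presumably including the no-argument `gensalt()` path, which is outside this hunk; that deserves a sentence in the same Javadoc. The enclosing `class BCrypt` starts and ends outside the hunk.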
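Review bot: Changing the fallback from 10 to `BCrypt.GENSALT_DEFAULT_LOG2_ROUNDS` (now 12) changes what `this.strength` holds for every encoder built with the `-1` sentinel, and nothing in the hunk or in the class Javadoc records the migration effect. If `upgradeEncoding` compares the cost embedded in stored hashes against `this.strength` (that method is outside the hunk), existing strength-10 hashes will start reporting that they need re-encoding, so deployments using the default will rehash on the next successful login; that is the intended hardening, but it should be stated on the constructor, e.g. `@param strength the log rounds to use, between 4 and 31, or -1 for the default {@value BCrypt#GENSALT_DEFAULT_LOG2_ROUNDS}; raising it marks hashes created with a lower cost as upgradable`. The constructor `BCryptPasswordEncoder(BCryptVersion, int, SecureRandom)` begins before the hunk, and the range check that precedes the `Bad strength` exception is not visible here.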
diff --git a/docs/modules/ROOT/pages/features/authentication/password-storage.adoc b/docs/modules/ROOT/pages/features/authentication/password-storage.adoc
index dcbf3ab8ad3..28a54b15052 100644
--- a/docs/modules/ROOT/pages/features/authentication/password-storage.adoc
+++ b/docs/modules/ROOT/pages/features/authentication/password-storage.adoc
@@ -324,7 +324,7 @@ https://docs.spring.io/spring-security/site/docs/5.0.x/api/org/springframework/s
 The `BCryptPasswordEncoder` implementation uses the widely supported https://en.wikipedia.org/wiki/Bcrypt[bcrypt] algorithm to hash the passwords.
 In order to make it more resistent to password cracking, bcrypt is deliberately slow.
 Like other adaptive one-way functions, it should be tuned to take about 1 second to verify a password on your system.
-The default implementation of `BCryptPasswordEncoder` uses strength 10 as mentioned in the Javadoc of https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html[BCryptPasswordEncoder]. You are encouraged to
+The default implementation of `BCryptPasswordEncoder` uses strength 12 as mentioned in the Javadoc of https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.html[BCryptPasswordEncoder]. You are encouraged to
 tune and test the strength parameter on your own system so that it takes roughly 1 second to verify a password.
 .BCryptPasswordEncoder
diff --git a/docs/modules/ROOT/pages/features/integrations/cryptography.adoc b/docs/modules/ROOT/pages/features/integrations/cryptography.adoc
index 137b3e8b694..744368c13b4 100644
--- a/docs/modules/ROOT/pages/features/integrations/cryptography.adoc
+++ b/docs/modules/ROOT/pages/features/integrations/cryptography.adoc
@@ -212,7 +212,7 @@ The `BCryptPasswordEncoder` implementation uses the widely supported "bcrypt" al
 Bcrypt uses a random 16 byte salt value and is a deliberately slow algorithm, in order to hinder password crackers.
 The amount of work it does can be tuned using the "strength" parameter which takes values from 4 to 31.
 The higher the value, the more work has to be done to calculate the hash.
-The default value is 10.
+The default value is 12.
 You can change this value in your deployed system without affecting existing passwords, as the value is also stored in the encoded hash.
 .BCryptPasswordEncoder