Is there any implementation of Argon2 in Spring Security? I can't find any API for it.
The framework has support for Bcrypt and Scrypt, if Argon2 is not supported, which is the best one to choose from - Brypt vs Scrypt ??
I have a doubt, suppose one day the Bcrypt would no more be secure enough(like the few others), how the large existing application handles migrating the already created user? How they decrypt the passwords using the new algorithm?
Stephan van Hulst
posted 6 months ago
When the user successfully logs in with the old algorithm, you can replace their existing key with a new one derived from the password they used to log in with.