... and a Java version too
After releasing py-bcrypt, I noticed that there is no equivalent for Java. Worse, the top two Google recommendations for “Java password hashing” and “Java password encryption” are really bad: one example uses reversible encryption (using single-DES ECB mode no less), where reversible encryption should only be used when it is really needed and as a last resort. The others recommend the use of an unsalted hash, which allows reverse lookup of the original password from a pre-computed dictionary of digests (a.k.a a “rainbow table”). (I refuse to link to the articles, because by doing so I would further cement their status at the top of Google’s rankings and thereby perpetuate their bad advice)
Why should developers care about the reversability of password encryption or hashing? Because users have been shown to frequently use the same password in multiple places, and if your password database is disclosed then the attacker can revese it at their leisure and then use it to attack other services that your customers use.
I think the best remedy for this situation is to release an implementation of a good password hashing scheme for Java: jBCrypt. This uses the same algorithm as py-bcrypt: Provos and Mazieres’ “A Future-Adapable Password Scheme”, first introduced by OpenBSD and now available in other operating systems (including Solaris 10+). jBCrypt has a really simple API, a license that is very permissive, and a set of JUnit tests to make sure it works.