Secure Password

How to store password in secure way

How to store password in secure way. Examples in java.


MD5
MD5 ( username + password + username )

public static byte[] crypto_hash(String username, String password)
{


byte[] byte_to_be_hashed = (username + password + username).getBytes();


MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] byte_hash = md5.digest(byte_to_be_hashed);

for (int i = 0 ; i < byte_hash.length ; i++)
{

System.out.print(String.format("%02x", byte_hash[i]));

}


return byte_hash;
}


AES128 with one key
AES128( MD5 ( username + password + username ) , SECRETKEY )

public static byte[] crypto_hash(String username, String password)
{

byte[] byte_to_be_hashed = (username + password + username).getBytes();

MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] byte_hash = md5.digest(byte_to_be_hashed);


Cipher aes_cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKeySpec aes_key_spec = new SecretKeySpec("encryptionKEY123".getBytes(), "AES");
aes_cipher.init(Cipher.ENCRYPT_MODE, aes_key_spec);
byte[] encrypted = aes_cipher.doFinal(byte_hash);


for (int i = 0 ; i < byte_hash.length ; i++)
{

System.out.print(String.format("%02x", encrypted[i]));

}


return byte_hash;


}


AES128 with user key
AES128( MD5 ( username + password + username ) , USERKEY )

public static byte[] crypto_hash(String username, String password)
{
byte[] byte_to_be_hashed = (username + password + username).getBytes();
String encryption_key = "encryptionKEY123";

char[] char_encryption_key = encryption_key.toCharArray();
char[] char_username = username.toCharArray();



for (int i = 0 ; i < username.length() ; i++)
{

char_encryption_key[i] = char_username[i];


}

encryption_key = String.valueOf(char_encryption_key);


MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] byte_hash = md5.digest(byte_to_be_hashed);

Cipher aes_cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKeySpec aes_key_spec = new SecretKeySpec(encryption_key.getBytes(), "AES");
aes_cipher.init(Cipher.ENCRYPT_MODE, aes_key_spec);
byte[] encrypted = aes_cipher.doFinal(byte_hash);

for (int i = 0 ; i < byte_hash.length ; i++)
{

System.out.print(String.format("%02x", encrypted[i]));

}


return byte_hash;
}


AES128 with user key
AES128( MD5 ( username + password + username ) , MD5 (username + salt )

public static byte[] crypto_hash(String username, String password)
{

byte[] byte_to_be_hashed = (username + password + username).getBytes();
byte[] byte_key = (username + "mySalt").getBytes();

MessageDigest md5 = MessageDigest.getInstance("MD5");

byte[] byte_hash = md5.digest(byte_to_be_hashed);
byte[] byte_hashed_key = md5.digest(byte_key);

Cipher aes_cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKeySpec aes_key_spec = new SecretKeySpec(byte_hashed_key, "AES");

aes_cipher.init(Cipher.ENCRYPT_MODE, aes_key_spec);
byte[] encrypted = aes_cipher.doFinal(byte_hash);

for (int i = 0 ; i < byte_hash.length ; i++)
{

System.out.print(String.format("%02x", encrypted[i]));

}


return byte_hash;
}