
Friday, June 05, 2009

MD5 hash

This morning I read a blog post discussing how to keep passwords secure. The usual way to store a password is to first hash it with MD5 and then store the hash in a database. The benefit of using MD5 is that you cannot reverse the hash.

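Here's how you code it in Java:

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
MessageDigest md = MessageDigest.getInstance("MD5");
// update() takes bytes, not a String, so encode the password explicitly
md.update("your password here".getBytes(StandardCharsets.UTF_8));
byte[] hashed = md.digest();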


To convert it to hex, here's the code (actually I got it from here):



One more tip: for better security, consider adding a salt before hashing the password to make it less vulnerable. The change looks like this:

md.update(("The salt" + "your password here").getBytes(StandardCharsets.UTF_8));

"The salt" here should be created dynamically and stored along with the hashed password so it can be used later.
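The salting scheme described above, carried through hex encoding, storage and login verification, as an added example that is not part of the original post. The class name, the 16-byte salt size and the `salt:hash` record format are assumptions; for real password storage a deliberately slow function such as PBKDF2 (available in Java through `SecretKeyFactory`) is normally used in place of a single fast hash like MD5.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class SaltedHashDemo {
    // Hex-encode bytes; "& 0xff" keeps negative bytes from sign-extending.
    static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) sb.append(String.format("%02x", b & 0xff));
        return sb.toString();
    }

    // Fresh random salt per password, as a hex string (16 bytes is an assumed size).
    static String newSalt() {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        return toHex(salt);
    }

    // hex(H(salt + password)), the salt-then-password order shown in the post.
    static String hash(String salt, String password) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("MD5"); // algorithm used in the post
        md.update((salt + password).getBytes(StandardCharsets.UTF_8));
        return toHex(md.digest());
    }

    // Value to store in the db: "salt:hash" (a constructed record format).
    static String store(String password) throws NoSuchAlgorithmException {
        String salt = newSalt();
        return salt + ":" + hash(salt, password);
    }

    // Re-hash the attempt with the stored salt and compare the two digests.
    static boolean verify(String record, String attempt) throws NoSuchAlgorithmException {
        String[] p = record.split(":", 2);
        return MessageDigest.isEqual(p[1].getBytes(StandardCharsets.UTF_8),
                hash(p[0], attempt).getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        String record = store("example-password"); // constructed sample input
        System.out.println(record + " verifies: " + verify(record, "example-password"));
        System.out.println("wrong guess verifies: " + verify(record, "wrong-guess"));
        System.out.println("second record differs: " + !record.equals(store("example-password")));
    }
}
```

Because each call to `store` draws a new salt, two users with the same password end up with different stored records.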


An excellent post on secure password schemes can be found here.