how to show decoded password on user details page?
I created a page with users details. Where I can see all the details of users, able to change them if needed. I want to create and check the password for users, and in case when user forgot his password, to provide it. BUT!
I can see only hashed password. the password encoded by BCryptPasswordEncoder.
is there any method for be able to decode this password and to display normal password
I tried to find the answer in internet, but seams that I put the wrong request....
Thank you in advance!
Nope, it is not possible as hashing is a one-way process of transforming input to the fixed-length output.
I suggest rather introducing a password reset mechanism over revealing the password, which is not possible if you use a one-way hashing algorithm.
There are, however, legit use cases a secure piece of information can be revealed to the customer/user, for example, the credit/debit card PIN can be displayed on request in most mobile or internet banking applications.
In such a case, the information (card PIN) has to be encrypted by a 2-way algorithm so you don't lose its raw version. I recommend generating a unique key and using salt for each user. I also recommend using another security layer such as OTP challenge.
- Spring @Sql Annotations, possible to run once before all tests?
- Springboot mySQL Failed to determine a suitable driver class
- Add JSF Message From Spring Bean
- Spring Boot - no log file written (logging.file is not respected)
- Handling Internal Server Error When OAuth Issuer Is Not Available in WebFluxSecurity
- Return file from Spring @Controller having OutputStream
- With deprecation of the `SecurityContextRepository.loadContext(HttpRequestResponseHolder)` method, how do we add `Set-Cookie` to the response?
- How to correctly read Flux<DataBuffer> and convert it to a single inputStream
- Implementing Custom Expression Handling with Spring Security 6
- Can I set a TTL for @Cacheable
- Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect)
- How to fix: Error creating bean with name : Unsatisfied dependency expressed through field
- Error in Java Import statement "The import javax.validation.constraints.NotNull cannot be resolved"
- How to conditionally enable or disable scheduled jobs in Spring?
- How do I get the connection inside of a Spring transaction?
- Kafka No Acknowledgment available as an argument
- How to use fixed values in Spring CrudRepository?
- WARNING: Exception encountered during context initialization - cancelling refresh attempt
- How to increase the maximum length of SpEL expressions in spring boot 3.3.0?
- Start a spring batch job when already within a transaction
- How to persist data in H2 database
- is using DTOs in every case always a good practice?
- How to add custom ApplicationContextInitializer to a spring boot application?
- How do I make the update query executed by JdbcPollingChannelAdapter transactional?
- How to configure a TransactionInterceptor equivalent to the @Transactional annotation for use with PollerMetadata advice
- Spring Webflux - WebClient over TLSv1.2
- Spring 5 WebClient using ssl
- Application version does not show up in Spring Boot banner.txt
- package org.springframework.boot does not exist
- How to specify prefix for all controllers in Spring Boot?