How do I validate a user's password with PasswordEncryptor?

Every application that you create may require an authentication process. At a minimum, this process checks the user's login name and password. To make the system reliable, we usually store the password in an encrypted form.

The BasicPasswordEncryptor class, which implements the PasswordEncryptor interface, provides the BasicPasswordEncryptor.encryptPassword(String password) method for encrypting a user's password. To check whether the user's password is correct, we use the BasicPasswordEncryptor.checkPassword(String plainText, String encryptedPassword) method.

package org.kodejava.example.jasypt;

import org.jasypt.util.password.BasicPasswordEncryptor;
import org.jasypt.util.password.PasswordEncryptor;

public class PasswordEncryptorDemo {
    public static void main(String[] args) {
        // Creates an instance of BasicPasswordEncryptor.
        PasswordEncryptor encryptor = new BasicPasswordEncryptor();

        // Encrypted version of user password.
        String encrypted = encryptor.encryptPassword("secret");
        System.out.println("encrypted = " + encrypted);

        // Compare user's plain text password with the encrypted one to check
        // if they match.
        if (encryptor.checkPassword("secret", encrypted)) {
            System.out.println("Welcome to Jasypt");
        } else {
            System.out.println("Invalid secret word, access denied!");
        }
    }
}
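
The following is an added example, not code from the original post: a minimal register/login flow around the same two methods, showing why the stored value is verified with checkPassword rather than by encrypting again and comparing strings. The LoginCheckDemo class, its in-memory map and the sample accounts are assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;

import org.jasypt.util.password.BasicPasswordEncryptor;
import org.jasypt.util.password.PasswordEncryptor;

// Added example: LoginCheckDemo and its in-memory user store are hypothetical.
public class LoginCheckDemo {
    // Any PasswordEncryptor works here; Jasypt's StrongPasswordEncryptor
    // (same package) implements the same interface.
    private final PasswordEncryptor encryptor = new BasicPasswordEncryptor();
    // login name -> stored digest (stands in for a database column)
    private final Map<String, String> users = new HashMap<>();

    public void register(String login, String password) {
        // Only the salted digest is stored, never the plain text.
        users.put(login, encryptor.encryptPassword(password));
    }

    public boolean authenticate(String login, String password) {
        String stored = users.get(login);
        if (stored == null) {
            return false; // unknown login: reject, same result as a bad password
        }
        // checkPassword re-derives the digest with the salt embedded in `stored`.
        return encryptor.checkPassword(password, stored);
    }

    public static void main(String[] args) {
        LoginCheckDemo demo = new LoginCheckDemo();
        demo.register("alice", "secret"); // constructed sample account

        // Each call uses a fresh random salt, so two digests of the same
        // password differ and must not be compared with equals().
        String again = demo.encryptor.encryptPassword("secret");
        System.out.println("re-encrypt equals stored? "
                + again.equals(demo.users.get("alice")));
        System.out.println("correct password: " + demo.authenticate("alice", "secret"));
        System.out.println("wrong password:   " + demo.authenticate("alice", "Secret"));
        System.out.println("unknown login:    " + demo.authenticate("bob", "secret"));
    }
}
```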

Wayan Saryada

Programmer, runner, recreational diver, currently living on the island of Bali, Indonesia. Mostly programming in Java, creating web-based applications with Spring Framework, Hibernate / JPA.

2 Comments

  1. Thank you. That's quite OK, but my problem is that the resulting encrypted password is different every time you use encrypt.Password(myPassword). I guess that this is due to some autogenerated random salt, and that is also OK by itself, but how do I get my hands on this random salt? I need it, right?

    My practical problem is that I use the encrypted pw to encrypt data. But when the password-encryption does not produce the same output for the very same password – I cannot decrypt my data this way. Can you help me find the way?

    Have a nice day!

    • Perhaps I finally found the solution to my problem. The BasicPasswordEncryptor is just meant for authorization and not for generating obscured passwords for password-based encryption of data such as BasicTextEncryptor. I guess I will just use some hash function and a fixed salt manually. Sorry for bothering you 😛
