Geek Culture
Published in

Geek Culture

Encrypt Passwords and Keys in a Spring Boot Project using Jasypt

How to keep your passwords safe in a public repository

Source:https://unsplash.com/

I hear about many people’s stories who push their Google or Amazon API key, password, or something like that to a public repository, and they have real troubles.

So to make sensitive info safe you should encrypt it, How? That is what you will know in the following section

If you already have a project, you can skip this step 1 to create a new project!

Step 1: Generate a new spring boot project

Step 2:

We need Jasypt dependency, for me, it’s version 3.0.3, you can check for the last version here.

You will need this plugin too:

Step 3: Encryption

There are two ways to encrypt a text using Jasypt.

The 1st way: is by going to Jasypt-online

Source:https://www.devglan.com

Then you replace your password or key with : ENC(the_Hash_Code_Genarated), see the example below.

The 2ed way: is using command line:

mvn jasypt:encrypt-value -Djasypt.encryptor.password=MySecretKey -Djasypt.plugin.value=myPassword

Step 4: Compile project

To compile the project you should give them the secret key is not it will the compilation will fail, and to do that you have two options, one is by command line:

mvn spring-boot:run -Djasypt.encryptor.password=MySecretKey

The second option is using IDE:

Edit Configurations…-> Configuration -> VM options

Then write this command: -Djasypt.encryptor.password=MySecretKey

To decrypt the hash code also, you can use Jasypt-online or command line:

Using website see the GIF bellow

Source:https://www.devglan.com

Using the command line:

mvn jasypt:decrypt-value -Djasypt.encryptor.password=MySecretKey -Djasypt.plugin.value=ENC(XsGP8uozNnjLuvcAojDQqfiz/8kK1Mhv)

Now you are enabled to use Jasypt to encrypt your passwords and keep your sensitive info safe.

Resources:

http://www.jasypt.org

https://www.devglan.com

--

--

--

A new tech publication by Start it up (https://medium.com/swlh).

Recommended from Medium

NFT SCAMS

What is Phishing?

{UPDATE} Sudoku Baron Hack Free Resources Generator

{UPDATE} princesa valiente talud aguas peligrosas Hack Free Resources Generator

This Is Paying Everyone Very Well!

Massive Data Breach At Big Basket, Details of 2 Crore Users Put on Sale

An IdIOT’s Guide to the Internet of Things

Best Practice to Secure your WebHooks

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
SABBAR El Mehdi

SABBAR El Mehdi

Full Stack Developer

More from Medium

Spring Boot CI-CD with Github Actions and deploy on Heroku cloud.

Application Development — Database Design the Better Way using Spring JPA, PostgreSQL and…

Design application better way

Obfuscate Spring Boot Applications with Proguard Maven Plugin

Apache Kafka with Spring Boot Application