1
00:00:00,390 --> 00:00:06,390
In this video, let's try to look at the next passport and court provided by spring security, which

2
00:00:06,390 --> 00:00:10,940
is beginning to passport in the name Looks Bedivere.

3
00:00:10,950 --> 00:00:14,160
But there is some meaning behind that.

4
00:00:14,400 --> 00:00:19,830
The name Peepee KDAF means passport based derivation function, too.

5
00:00:20,010 --> 00:00:27,870
And this passport encoder is a pretty stronger than whatever we have seen previously, like no passport

6
00:00:27,870 --> 00:00:30,090
encoder and standard passport.

7
00:00:30,120 --> 00:00:40,600
And the reason is on top of providing a feature of secret ASOL for hashing, it also has two other parameters.

8
00:00:41,100 --> 00:00:45,750
One is how many times you want to iterate for encoding.

9
00:00:45,960 --> 00:00:51,500
And at the same time, what is the length of your hash that you want to generate?

10
00:00:51,870 --> 00:00:58,110
The more the length of the hash and the more number of iterations that we choose, the stronger your

11
00:00:58,110 --> 00:01:00,270
hash will be for anyone to be correct.

12
00:01:00,630 --> 00:01:08,220
But it comes with its own drawbacks, like it's a slow hashing mechanism since it will perform so many

13
00:01:08,220 --> 00:01:14,520
iterations and it will take enough measures to maintain that length of the hashing.

14
00:01:14,940 --> 00:01:22,410
Due to that reasons, this password encoded is this slow compared to other encoders available in the

15
00:01:22,410 --> 00:01:23,340
spring security.

16
00:01:23,580 --> 00:01:26,130
And to use it, we have three options.

17
00:01:26,130 --> 00:01:30,830
One is where you can directly create a simple constructor without any documents.

18
00:01:30,840 --> 00:01:33,570
That means I don't want to mention any secret.

19
00:01:33,690 --> 00:01:38,520
And at the same time I want to go with the default iterations and the full length of the hoshko.

20
00:01:39,000 --> 00:01:43,980
And the next constructor is where I'll pass the secret that I want to use.

21
00:01:44,340 --> 00:01:50,520
And I'm good to go to use the default values of the number of iterations and the length of the hash.

22
00:01:50,790 --> 00:01:58,140
Last one where I have an option of providing the secret number of citations that I want or the length

23
00:01:58,140 --> 00:02:00,480
of the hash that I want to generate.

24
00:02:00,720 --> 00:02:08,270
So usually by default, for all these constructors, Spring Security Council does one eight five triple

25
00:02:08,340 --> 00:02:15,090
zero as the number of default addresses that it will go, and 256 is the length of the number of bits

26
00:02:15,090 --> 00:02:20,130
that the hash can contain after generating hash outside the normal text.

27
00:02:20,160 --> 00:02:21,090
Using this password.

28
00:02:21,870 --> 00:02:24,820
So these are the three different constructors available.

29
00:02:25,140 --> 00:02:28,110
Let's try to go and look in the code also.

30
00:02:29,500 --> 00:02:34,500
But this president in the same package, like any other password encoders, and it implements password

31
00:02:34,520 --> 00:02:41,620
encoder and here you can see if I'm not specifying through my constructor's, this encoder will construct

32
00:02:41,630 --> 00:02:49,330
default hash with as 256 and default iterations as one eight five triple zero and always have an option

33
00:02:49,330 --> 00:02:57,070
of lowering them to make it even more stronger, to reduce the complexity of the hash by decreasing

34
00:02:57,070 --> 00:03:00,410
these numbers through the third constructor that we have seen.

35
00:03:00,970 --> 00:03:05,830
So here there are three constructor's plus one is which won't accept anything.

36
00:03:06,200 --> 00:03:11,740
And if you're not passing any secret that will call this constructor internally with empty string,

37
00:03:12,040 --> 00:03:17,470
very empty string will be used and default depression and default hash with will be leverage.

38
00:03:17,860 --> 00:03:23,560
But you can also directly call this constructor by passing a secret with default iterations and default

39
00:03:23,560 --> 00:03:25,840
hash, which will be used followed by.

40
00:03:26,050 --> 00:03:32,320
We also have a constructor where you can customize ASPO requirement by passing the secret iterations

41
00:03:32,320 --> 00:03:38,380
on the hash with suppose that we have in code, which is a word method.

42
00:03:38,980 --> 00:03:46,420
This method will be used by Springsure to convert my orginally text of the password into an encoder

43
00:03:46,420 --> 00:03:52,060
encryption by the algorithm, by the side and other parameters that we have use.

44
00:03:52,270 --> 00:03:56,440
And at the same time we also have matches where it try to compare.

45
00:03:56,650 --> 00:04:02,950
After converting or encoding my password with already encoded password in the database, it will try

46
00:04:02,950 --> 00:04:05,850
to compare both of them and they both matches.

47
00:04:05,980 --> 00:04:08,860
It will give it Boolean as true.

48
00:04:09,010 --> 00:04:13,950
But again, you can see here this is not a completely one way hashing.

49
00:04:14,230 --> 00:04:20,649
Due to that, though, it is far better than standard password and for the reason that it is doing more

50
00:04:20,649 --> 00:04:24,080
iterations and it is allowing us to mention the password learn.

51
00:04:24,370 --> 00:04:32,300
But still, this is not recommended to use when compared to the script and a script, password and course.

52
00:04:32,770 --> 00:04:36,670
So let's try to look into a password encoder in that mix.

53
00:04:37,030 --> 00:04:37,600
Thank you.

54
00:04:37,610 --> 00:04:38,020
And by.