Bcrypt Custom password configuration

Question

i am changing the password and then forwarding to /loginuser and redirect to users dashboard. i had secured this with httpbasic authentication since i am a beginner, I am using

Answer 1

I think you have a problem because your encoded password has a length < 28, from spring sources:

if (saltLength < 28) {
            throw new IllegalArgumentException("Invalid salt");
}

how to fix that:

1. Increase salt rounds to 10
2. Try to set minimum password length to 4-5

I hope that helps.