Always make the effort parameters a configuration setting. You want to change those values in the future. For BCrypt it is just a weight parameter, which at this point should be something like 11 or 12. The weight is exponential. You might want to benchmark it. Something between 0.25 and 0.50 seconds is a nice performance without annoying legitimate users too much. For SCrypt there are two parameters, CPU and memory cost, which would be 214 and 8 respectively.
BCrypt and SCrypt are vastly different algorithms with vastly different characteristics. BCrypt is battle-tested, it has been around a long time, and still holds up. It is also properly understood by experts. SCrypt is much newer, theoretically it should be better, when configured correctly. As it is much newer, it has not received the same amount of scrutiny by experts. Additionally, performance of SCrypt in Java is quite bad compared to what can be achieved when using special CPU instructions.
Two things concerning password encryption:
Always make the effort parameters a configuration setting. You want to change those values in the future. For BCrypt it is just a weight parameter, which at this point should be something like 11 or 12. The weight is exponential. You might want to benchmark it. Something between 0.25 and 0.50 seconds is a nice performance without annoying legitimate users too much. For SCrypt there are two parameters, CPU and memory cost, which would be 214 and 8 respectively.
BCrypt and SCrypt are vastly different algorithms with vastly different characteristics. BCrypt is battle-tested, it has been around a long time, and still holds up. It is also properly understood by experts. SCrypt is much newer, theoretically it should be better, when configured correctly. As it is much newer, it has not received the same amount of scrutiny by experts. Additionally, performance of SCrypt in Java is quite bad compared to what can be achieved when using special CPU instructions.
It might be best to use BCrypt in Java. Spring's JavaDoc for Scrypt also refers to this interesting article about BCrypt vs. SCrypt.
Or maybe make use of
DelegatingPasswordEncoderand even make that part of your system configurable.