java passwords password-hash zul

How can I regex validate a user submitted password which is encoded in PBKDF2?


I am trying to validate the password strength for a user when an admin creates a new profile.

When the form gets submitted to the backend, I get the password encrypted in PBKDF2. I have to validate it in Java; I cannot validate it in the zul framework script (my front-end script).

Can someone help me decrypt PBKDF2 and validate the password strength with regex?


Solution

  • Encryption can be reversed to recover the original message, but PBKDF2 is not an encryption algorithm. It's a key derivation algorithm, which is designed to be irreversible.

    Also, note that it's not secure to perform the PBKDF2 hashing on the front end, and then submit it to the back end which matches it against a stored copy to authenticate a user. This is the equivalent of storing the passwords in plain text. The secret transmitted by the front end should never be stored, only its hash.
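
A sketch of the back-end flow this implies, added here as an example and not part of the original answer: the regex runs on the password as submitted, and only a salted PBKDF2 hash is kept. It assumes the plaintext password reaches the backend over TLS; the class and method names, the policy regex, the iteration count and the `salt:hash` record format are all assumptions.

```java
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.nio.CharBuffer;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.regex.Pattern;

public class PasswordIntake {
    // Assumed policy: 12+ characters with a lower-case letter, an upper-case letter, a digit and a symbol.
    private static final Pattern POLICY = Pattern.compile(
            "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[^A-Za-z0-9]).{12,}$");
    private static final int ITERATIONS = 600_000; // assumed work factor, tune for your hardware
    private static final int KEY_BITS = 256;

    // The strength check can only run on the plaintext, before any hashing.
    static boolean meetsPolicy(char[] password) {
        return POLICY.matcher(CharBuffer.wrap(password)).matches();
    }

    static byte[] derive(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword(); // wipe the copy held by the key spec
        }
    }

    // Returns the "salt:hash" record to store, or null when the policy rejects the password.
    static String enroll(char[] password) throws Exception {
        if (!meetsPolicy(password)) return null;
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt); // fresh random salt per user
        Base64.Encoder b64 = Base64.getEncoder();
        return b64.encodeToString(salt) + ":" + b64.encodeToString(derive(password, salt));
    }

    // Login: re-derive from the submitted password and compare the hashes.
    static boolean verify(char[] password, String stored) throws Exception {
        String[] parts = stored.split(":");
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        return MessageDigest.isEqual(expected, derive(password, salt));
    }
}
```

In the ZK handler, call `enroll` with the submitted password and reject the form when it returns null; the stored record is never compared against anything the client computed.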