paramMap = ParameterUtil.parse(value);
        assertEquals(3, paramMap.size());
        assertEquals("value", paramMap.get("key.with.dots"));
        assertEquals("value with spaces", paramMap.get("key_with_underscores"));
        assertEquals("value@#$%", paramMap.get("key-with-dashes"));
    }

    public void test_encrypt_advancedScenarios() {

   *
   * <ul>
   *   <li>Any part containing non-ASCII characters is considered valid.
   *   <li>Underscores ('_') are permitted wherever dashes ('-') are permitted.
   *   <li>Parts other than the final part may start with a digit, as mandated by <a
   *       href="https://tools.ietf.org/html/rfc1123#section-2">RFC 1123</a>.
   * </ul>
   *

Se o seu banco de dados for roubado, o invasor não terá as senhas em texto puro dos seus usuários, apenas os hashes.

Então, o invasor não poderá tentar usar essas senhas em outro sistema (como muitos usuários utilizam a mesma senha em vários lugares, isso seria perigoso).

## Instalar o `passlib`

O PassLib é uma excelente biblioteca Python para lidar com hashes de senhas.

Ele suporta muitos algoritmos de hashing seguros e utilitários para trabalhar com eles.

    header was being leaked to the origin server.
 *  Fix: Digits may be used in a URL scheme.
 *  Fix: Improve connection timeout recovery.
 *  Fix: Recover from `getsockname` crashes impacting Android releases prior to
    4.2.2.
 *  Fix: Drop partial support for HTTP/1.0. Previously OkHttp would send
    `HTTP/1.0` on connections after seeing a response with `HTTP/1.0`. The fixed

 * This class currently pins a certificate's Subject Public Key Info as described on
 * [Adam Langley's Weblog][langley]. Pins are either base64 SHA-256 hashes as in
 * [HTTP Public Key Pinning (HPKP)][rfc_7469] or SHA-1 base64 hashes as in Chromium's
 * [static certificates][static_certificates].
 *
 * ## Setting up Certificate Pinning
 *

/**
 * {@link LoadingCache} tests that deal with empty caches.
 *
 * @author mike nonemacher
 */

@NullUnmarked
public class EmptyCachesTest extends TestCase {

  public void testEmpty() {
    for (LoadingCache<Object, Object> cache : caches()) {
      checkEmpty(cache);
    }
  }


  public void testInvalidate_empty() {
    for (LoadingCache<Object, Object> cache : caches()) {
      cache.getUnchecked("a");

            function.bits(),
            function);
      }
    }

    @Override
    HashCode makeHash(Hasher[] hashers) {
      byte[] bytes = new byte[bits() / 8];
      int i = 0;
      for (Hasher hasher : hashers) {
        HashCode newHash = hasher.hash();
        i += newHash.writeBytesTo(bytes, i, newHash.bits() / 8);
      }
      return HashCode.fromBytesNoCopy(bytes);
    }

    for (LoadingCache<Object, Object> cache : caches()) {
      // don't let the entries get GCed
      List<Entry<Object, Object>> unused = warmUp(cache);
      assertEquals(WARMUP_SIZE, cache.size());
      assertMapSize(cache.asMap(), WARMUP_SIZE);
      checkValidState(cache);
    }
  }

  public void testContainsKey_found() {
    for (LoadingCache<Object, Object> cache : caches()) {
      // don't let the entries get GCed

     */

Der Dieb kann also nicht versuchen, die gleichen Passwörter in einem anderen System zu verwenden (da viele Benutzer überall das gleiche Passwort verwenden, wäre dies gefährlich).

## `passlib` installieren

PassLib ist ein großartiges Python-Package, um Passwort-Hashes zu handhaben.