public void testPutAfterHash() {
    Hasher hasher = Hashing.hmacMd5(MD5_KEY).newHasher();

    assertEquals(
        "9753980fe94daa8ecaa82216519393a9",
        hasher.putString("The quick brown fox jumps over the lazy dog", UTF_8).hash().toString());
    assertThrows(IllegalStateException.class, () -> hasher.putInt(42));
  }

  public void testHashTwice() {
    Hasher hasher = Hashing.hmacMd5(MD5_KEY).newHasher();

    try {
      return MessageDigest.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
      throw new AssertionError(e);
    }
  }

  @Override
  public Hasher newHasher() {
    if (supportsClone) {
      try {
        return new MessageDigestHasher((MessageDigest) prototype.clone(), bytes);
      } catch (CloneNotSupportedException e) {
        // falls through
      }

  @J2ktIncompatible
  @GwtIncompatible // doesn't build without explicit type parameters on build() methods
  public void testGenerics() {
    ListMultimap<String, Integer> unusedA = MultimapBuilder.hashKeys().arrayListValues().build();
    SortedSetMultimap<String, Integer> unusedB =
        MultimapBuilder.linkedHashKeys().treeSetValues().build();
    SetMultimap<String, Integer> unusedC =

    try {
      return MessageDigest.getInstance(algorithmName);
    } catch (NoSuchAlgorithmException e) {
      throw new AssertionError(e);
    }
  }

  @Override
  public Hasher newHasher() {
    if (supportsClone) {
      try {
        return new MessageDigestHasher((MessageDigest) prototype.clone(), bytes);
      } catch (CloneNotSupportedException e) {
        // falls through
      }

	}
}

// KafkaSHA256 is a function that returns a crypto/sha256 hasher and should be used
// to create Client objects configured for SHA-256 hashing.
var KafkaSHA256 scram.HashGeneratorFcn = sha256.New

// KafkaSHA512 is a function that returns a crypto/sha512 hasher and should be used
// to create Client objects configured for SHA-512 hashing.
var KafkaSHA512 scram.HashGeneratorFcn = sha512.New

    }
  }

  public void testPutAfterHash() {
    Hasher sha1 = Hashing.sha1().newHasher();

    assertEquals(
        "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12",
        sha1.putString("The quick brown fox jumps over the lazy dog", UTF_8).hash().toString());
    assertThrows(IllegalStateException.class, () -> sha1.putInt(42));
  }

  public void testHashTwice() {
    Hasher sha1 = Hashing.sha1().newHasher();

    assertEquals(

Der Dieb kann also nicht versuchen, die gleichen Passwörter in einem anderen System zu verwenden (da viele Benutzer überall das gleiche Passwort verwenden, wäre dies gefährlich).

## `passlib` installieren

PassLib ist ein großartiges Python-Package, um Passwort-Hashes zu handhaben.

  /**
   * Creates a new, empty {@code HashMultimap} with the default initial capacities.
   *
   * <p>You may also consider the equivalent {@code
   * MultimapBuilder.hashKeys().hashSetValues().build()}, which provides more control over the
   * underlying data structure.
   */
  public static <K extends @Nullable Object, V extends @Nullable Object>
      HashMultimap<K, V> create() {

  @Param HashFunctionEnum hashFunctionEnum;

  private byte[] testBytes;

  @BeforeExperiment
  void setUp() {
    testBytes = new byte[size];
    random.nextBytes(testBytes);
  }

  @Benchmark
  int hasher(int reps) {
    HashFunction hashFunction = hashFunctionEnum.getHashFunction();
    int result = 37;
    for (int i = 0; i < reps; i++) {
      result ^= hashFunction.newHasher().putBytes(testBytes).hash().asBytes()[0];
    }

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like Passlib and JWT tokens, etc.
* Add more granular permission controls with OAuth2 scopes where needed.
* ...etc.