I am using Bcrypt as password hashing algorithm for Spring security project.
When I tried using online Bcrypt calculator it generates different hash values for the same plain text password. This is due to salting which I understood.
But for authentication in a real spring security app the application reads the password entered by user and generates bcrypt hash and then compares it with the bcrypt hash stored in database. If it matches it authenticates the user.
How does it match if bcrypt generates different values each time.?