Security professional with many years of experience with the practical application of cryptographic algorithms and protocols. I've helped with the design of protocols and API's within international standardization bodies. Over 30 years of general experience with computers, starting with MSX Basic at an early age. I've developed in Java for as long as the language exists (Kotlin is looking good too).

---

Copy/paste security doesn't exist.

All of the high scoring answers on StackOverflow have displayed grave security mistakes.

If the code runs it does not mean it is secure. I would guess that about 10% of the code posted on StackOverflow could be secure. If you want to learn cryptography I highly recommend Crypto I from Dan Boneh at Coursera as a (University level) introductory course.

The most basic and therefore most common security mistakes:

• not understanding the difference between encoding and encryption;
• using keys or IV's directly derived from text / passwords;
• using ECB mode encryption;
• using MD5, DES or other outdated cryptographic algorithms;
• not understanding on how to use an IV / nonce;
• performing password hashing (or key derivation) without applying PBKDF2, bcrypt or scrypt
• using ciphertext that is not protected by an authentication tag;
• thinking that OTP (XOR-encryption) can be made secure (without inventing an inefficient stream cipher);
• encryption without establishing trust (most browser based encryption);
• using textbook RSA or using RSA to directly encrypt messages;
• inventing transport based security instead of using (D)TLS;
• not using a cryptographically secure random number generator.

If you're making any of the above mistakes please hire a professional. Please do not rely solely on StackExchange answers.