char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength();
StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor();
enc.setPasswordCharArray(key);
// since the password is copied, we can scramble it
manager.disposePassword(key);
if (manager.isStrongEncryptionAvailable()) {
enc.setProvider(new BouncyCastleProvider());
enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC");
}