No. It is not secure. Take a look at this line:
SecureRandom saltRandomizer = new SecureRandom();
I notice you don't specify a PRNG or provider. I'm no expert but I understand the SUN CSP default is to use sun.security.provider.NativePRNG on Solaris and Linux, which simply provides the output of /dev/urandom which may (or may not) be suitable for your needs (it is not, for example, recommended for the generation of cryptographic keys).
It is therefore recommended to always specify a PRNG and provider, as follows:
SecureRandom.getInstance("SHA1PRNG", "SUN");
Furthermore, it is advisable to:
- Periodically throw away the existing java.security.SecureRandom instance and create a new one. This will generate a new instance with a new seed.
- Periodically add new random material to the PRNG seed by making a call to java.security.SecureRandom.setSeed(java.security.SecureRandom.generateSeed(int)).
The point I'm making is that security is a complex topic that is so easy to get wrong. Don't try and homebrew a solution. Use an existing library. To quote Thomas Pornin's excellent answer:
Complexity is bad. Homemade is bad. New is bad.
Sources: