What password encryption should I use with Node.js? Which is safer? [closed]

0

I am doing a course of node.js and in this the tutor uses md5 to encrypt the password .. more read on some articles that md5 ñ is very safe .. what is the most recommended to use with Node.js?

Thank you!

    
asked by anonymous 02.05.2018 / 00:38

1 answer

2

A good package for this type of action is bcrypt , which generates passwords using salt .

The operation is simple. I'll demonstrate using the following synchronous versions.

const bcrypt = require('bcryptjs');

const password = '123';

const salt = bcrypt.genSaltSync(10);
const hash = bcrypt.hashSync(password, salt);

// Guarde o 'hash' na sua base de dados...

To check (compare) hashes, use:

// Assumindo que 'db_password' seja o hash encriptado no exemplo anterior:

const db_password = db.password; // Imagine que veio da base de dados.

bcrypt.compareSync('123', db_password); // Irá retornar true.
bcrypt.compareSync('456', db_password); // Irá retornar false.

To learn more and better understand how it works, I suggest you take a look at the GITHub repository README:

02.05.2018 / 01:10