Hashing Passwords with Node.js and Bcrypt

Hashing Passwords with Node.js and Bcrypt

The bcrypt library help you hash passwords easily in an easy way.

Requirements for hashing with Node.js and Bcrypt

1 Bcrypt

Bcrypt is a password hashing function designed by Niels Provos and David Mazières, based on the Blowfish cipher, and presented at USENIX in 1999.[1] Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power[Bcrypt].

npm install bcrypt --save 

2 Node.Js usage

const bcrypt = require('bcrypt');

Usage of Bcrypt library in Node.Js

Bcrypt library supports both synchronous and asynchronous methods.

1 Synchronous usage - Generating + Verifiying

//For Generating
let hash = bcrypt.hashSync('SomePassword', 10);
//For Verifiying and comparing
if(bcrypt.compareSync('SomePassword', hash)){
 // The two passwords are equal
} else {
 // The two passwords are not equal
}

2 Asynchronous usage - Generating + Verifiying

//For Generating
bcrypt.hash('SomePassword', 10).then(hash=>{
    //The variable hash store the hashed password
})
//For Verifiying and comparing
bcrypt.compare('SomePassword', hash).then(result=>{
    if (!result) {
        // The two passwords are not equal
    }else{
        // The two passwords are equal
    }
})