@agarcian/passwordhash
v1.0.3
Published
Salted password hashing with PBKDF2. (Adapted from http://crackstation.net/hashing-security.htm)
Downloads
10
Readme
Password Hash
A node.js module to hash passwords based on this article: https://crackstation.net/hashing-security.htm
This produces a password in the following format:
<hashing algorithm>:<number of iterations>:<hashed password>:<unique seed>
For example, the following is a hash for the password Florence123:
sha1:20000:p5GwEABDCx/HwW9p2gMXoyUAMXkWNPU4:dRUwYNvT0iapWk3l+OaiFPzb6z/ii20r
##Benefits
The article describes the algorithm to produce a secure hash for a password. Some of the main benefits is that each entry contains its own secure seed, so every record in the database should have a different seed for every password.
Installation
npm install @agarcian/passwordhash
Usage
var passwordhash = require('@agarcian/passwordhash');
var pwd = 'my password';
var hash = passwordhash.createHash(pwd, function(err, hash) {
passwordhash.validatePassword(pwd, hash, function(err, success) {
console.log('The password hash was validated successfully:' + success ? 'yes' : 'no');
});
});
Output should be yes
Tests
npm test