Home > nodeJS > Credential V0.2.5 – Easy Password Hashing For Node

Credential V0.2.5 – Easy Password Hashing For Node

images

Credential is easy password hashing and verification in Node. Protects against brute force, rainbow tables, and timing attacks.

Employs cryptographically secure, per password salts to prevent rainbow table attacks. Key stretching is used to make brute force attacks impractical. A constant time verification check prevents variable response time attacks.

The latest version won’t throw if you try to hash or verify with an undefined or empty password. Instead, it passes an error into the callback so you can handle it more easily in your application.

Installing

npm install –save credential

.Hash()


var pw = require('credential'),
 newPassword ='password';
pw.hash(newPassword,function(err,hash){
 if(err){throw err;}
 console.log('Store the password hash.', hash);
});

.Verify()

var pw = require('credential'),
 storedHash = '{"hash":"PJM0MHOz+qARffD4kJngkBlzGeR1U5ThUMx3aPW+qVokea7t5UhKXU8z8CTHTaf3MYLpnt/8dtdaCf7GxMUXr0cJ","salt":"oLfUniVJ9YcpNGzpAi8AQxzGzVBzC26AgsnmjNlEXWR6XGWl+08b+b5Px7jSebErDjkEuoovqkMpnk9D52gkA1M0","keyLength":66,"hashMethod":"pbkdf2","workUnits":60}',
 userInput = 'I have a really great password.';

pw.verify(storedHash, userInput, function (err, isValid) {
 var msg;
 if (err) { throw err; }
 msg = isValid ? 'Passwords match!' : 'Wrong password.';
 console.log(msg);
});

Advertisements
Categories: nodeJS
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: