all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Do you use bcrypt or other 3rd-party npm packages when hashing user password?

Add to bookmarks
Feb. 10, 2024, 2:02 p.m. | GreenIntro

DEV Community dev.to

Why are people using third party packages like bcrypt to hash user credentials instead of Node's own built-in classes and methods?


https://nodejs.org/api/crypto.html#cryptoscryptpassword-salt-keylen-options-callback


Reduce packages (and dependencies) by using Node's asynchronous scrypt method.


Well how does it work?



import { scrypt, randomBytes } from 'crypto';

const salt = randomBytes(32).toString('hex');
scrypt(password, salt, 32, async (err, derivedKey) => {
  const userToCreate = {
    password: derivedKey.toString('hex'),
    username: username,
    salt: salt,
  };
});


The userToCreate will then contain the hashed password, as well as a …

asynchronous authentication bcrypt credentials crypto dependencies hash hashing hex import it work javascript node npm own packages party password people salt third user credentials webdev work

Visit resource

More from dev.to / DEV Community

How to Get a Free Custom Domain an hour ago | dev.to
article branding can custom +16
Rebuilding TensorFlow 2.8.4 on Ubuntu 22.04 to patch vulnerabilities an hour ago | dev.to
ai amp context critical +17
Keyoxide Identity Proof 3 hours ago | dev.to
claim control dev fingerprint +5
Keyoxide/Ariadne Identity Verification 4 hours ago | dev.to
account control dev fingerprint +7
Unleash The Power of Azure: Creating A Linux VM with SSH keys Security. 5 hours ago | dev.to
access azure cloud cloudengineering +22
Use CloudFlare Workers and D1 to Create a Completely Free CRUD API 6 hours ago | dev.to
api backenddevelopment cdn cloud +24
IOT Raspberry Pi using Azure 7 hours ago | dev.to
above account azure azurefunctions +16
Build a password manager with Rust - Part 2 15 hours ago | dev.to
application article build can +13
Security Features in Push Protocol: Ensuring Safe Communication 16 hours ago | dev.to
applications blockchain communication dapps +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com