1.0.3 • Published 7 years ago

@agarcian/passwordhash v1.0.3

Weekly downloads
-
License
ISC
Repository
github
Last release
7 years ago

Password Hash

A node.js module to hash passwords based on this article: https://crackstation.net/hashing-security.htm

This produces a password in the following format:

<hashing algorithm>:<number of iterations>:<hashed password>:<unique seed>

For example, the following is a hash for the password Florence123:

sha1:20000:p5GwEABDCx/HwW9p2gMXoyUAMXkWNPU4:dRUwYNvT0iapWk3l+OaiFPzb6z/ii20r

##Benefits

The article describes the algorithm to produce a secure hash for a password. Some of the main benefits is that each entry contains its own secure seed, so every record in the database should have a different seed for every password.

Installation

npm install @agarcian/passwordhash

Usage

var passwordhash = require('@agarcian/passwordhash');

var pwd  = 'my password';
var hash = passwordhash.createHash(pwd, function(err, hash) {
    passwordhash.validatePassword(pwd, hash, function(err, success) {
        console.log('The password hash was validated successfully:' + success ? 'yes' : 'no');
    });
});

Output should be yes

Tests

npm test

passwordhash
asyncbuffer-equal-constant-timecrypto
@infinitebrahmanuniverse/nolb-_aga@everything-registry/sub-chunk-32@zalastax/nolb-_aga
1.0.3

7 years ago

1.0.2

9 years ago

1.0.1

9 years ago

1.0.0

9 years ago