This article will explain to you how to use Node.js the Crypto module to add salt to your password hash . Here, we will not make a detailed comparison of the password storage methods that we do not understand. What we are going to do is to know the
(a) Why do I use hash functions to encrypt passwords
If you need to save a password (such as a website user's password), you should consider how to protect the password data, and it is extremely unsafe to write the password directly to the database
We know that if the password is hashed directly, then the hacker can get a hash value by obtaining this password, and then by checking the hash value dictionary (for example, MD5 password cracking site), the password of a user.Adding salt can solve
Transferred from: http://blog.csdn.net/blade2001/article/details/6341078We know that if the password is hashed directly, then the hacker can get a hash value by obtaining this password, and then by checking the hash value dictionary (for example, MD5
Detailed explanation of how to execute hash and salt operations on passwords
The hash and salt operations on passwords are not unfamiliar. The two Visual Studio Enterprise Edition examples use this method to encrypt this
1 backgroundThe system involved in authentication needs to store the user's authentication information, the commonly used user authentication method mainly is the user name and the password way, in order to be safe, the user input password needs to
The hash and Salt operations on passwords are not unfamiliar. The two Visual Studio Enterprise Edition examples use this method to encrypt this method. Combined with the sample code, I summarized a class that includes static methods such as
If the password is hashed directly, the hacker can obtain the password of a user by querying the hash dictionary (for example, MD5 password cracking website. After adding the salt, it will be much more difficult. even if you have obtained the salt
See a very good article, introduced the system in the password to save the various problems encountered and solutions.
Not much to say, directly on the code, the original link in the last
/* * Password Hashing with PBKDF2
We know that if the password is hashed directly, hackers can obtain the hash value of the password, and then query the hash value Dictionary (for example, MD5 password cracking website ), obtain the password of a user.
Add salt can solve this
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.