This article will explain to you how to use Node.js the Crypto module to add salt to your password hash . Here, we will not make a detailed comparison of the password storage methods that we do not understand. What we are going to do is to know the
1 backgroundThe system involved in authentication needs to store the user's authentication information, the commonly used user authentication method mainly is the user name and the password way, in order to be safe, the user input password needs to
I. State the Workflow:1. According to the existing password string to generate a password + salt string, You can also store the salt of the encrypted string in the database (see requirements),2. Verify that the submitted password string is encrypted
(a) Why do I use hash functions to encrypt passwords
If you need to save a password (such as a website user's password), you should consider how to protect the password data, and it is extremely unsafe to write the password directly to the database
Detailed explanation of how to execute hash and salt operations on passwords
The hash and salt operations on passwords are not unfamiliar. The two Visual Studio Enterprise Edition examples use this method to encrypt this
Currently, the MD5 password database has a huge amount of data, and most common passwords can reverse query the plaintext of the password through the MD5 Digest. To prevent internal personnel (persons who can access database or database backup files)
Adding salt is a way to increase the file encryption strength. We know that encryptionAlgorithmThe longer the user password, the stronger the encryption strength (when the user password is fully utilized). In fact, the so-called "salt" is to
MD5 encryption (or digest algorithm) Everyone is familiar with it, and it doesn't explain.Now a lot of database design like to use one-way encryption to save the password, verify that the password is encrypted once again to do a ciphertext
A simple md5 and salt encryption method (to prevent rainbow tables from hitting the database)
Md5 encryption (or digest algorithm) is not explained if you are familiar with it.
Currently, many database designs prefer to use one-way encryption to
Read a lot of tutorials on the Internet, have mentioned the configuration of spring Shiro password encryption, and even gave a custom class to implement. Are rarely solved by configuration.
The password Salt value encryption method should be very
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.