Generated on May 9, 2024 via pnpm

Npm

Home

bcryptjs 2.4.3

Optimized bcrypt in plain JavaScript with zero dependencies. Compatible to 'bcrypt'.

bcrypt

password

auth

Package summary

issues

license

Package created

1 May 2013

Version published

7 Feb 2017

Maintainers

Total deps

Direct deps

License

MIT

Issues

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

bcryptjs@2.4.3

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of bcryptjs 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities

Tree

Treemap

Frequently Asked Questions

What does bcryptjs do?

bcryptjs is a potent npm package that allows developers to hash passwords effectively. It applies the bcrypt algorithm in plain JavaScript with zero dependencies. This library is primarily applied in password hashing, a crucial step in storing user passwords securely, as it provides protection against rainbow table attacks and remains resistant to brute-force search attacks. bcryptjs is compatible with C++ bcrypt binding on node.js and works just as effectively in a browser. However, it's noteworthy that being written in pure JavaScript, it is generally slower than its C++ counterpart, reducing the number of iterations processed in an equal time span.

How do you use bcryptjs?

bcryptjs offers a straightforward utilization process. To employ it in a node.js environment, install it using the recommended npm command, npm install bcryptjs, and later require the bcryptjs library in your JavaScript file.

After that, use it like this:

var bcrypt = require('bcryptjs');
var salt = bcrypt.genSaltSync(10);
var hash = bcrypt.hashSync("B4c0/\/", salt);

Above, we've generated a password hash. To validate a password, load the hash from your password database and use it in comparison like this:

// Load hash from your password DB.
bcrypt.compareSync("B4c0/\/", hash); // returns true if passwords match
bcrypt.compareSync("not_bacon", hash); // returns false if passwords do not match

For automatic salt generation and hashing:

var hash = bcrypt.hashSync('bacon', 8);

The library also provides an asynchronous way of hashing and checking passwords:

var bcrypt = require('bcryptjs');
bcrypt.genSalt(10, function(err, salt) {
    bcrypt.hash("B4c0/\/", salt, function(err, hash) {
        // Store hash in your password DB.
    });
});

Verifying password:

// Load hash from your password DB.
bcrypt.compare("B4c0/\/", hash, function(err, res) {
    // res === true if passwords match
});
bcrypt.compare("not_bacon", hash, function(err, res) {
    // res === false if passwords do not match
});

Where are the bcryptjs docs?

The detailed documentation on bcryptjs, encompassing its methods, parameters, and functionalities, is available directly on the bcryptjs GitHub page at https://github.com/dcodeIO/bcrypt.js. It provides a thorough walkthrough on both synchronous and asynchronous usage, including real-time examples and method explanations. For instance, globalfunctions such as genSaltSync(), hashSync(), and compareSync() are given broad explanations on the docs page. Plus, the bcryptjs GitHub page is continuously updated, meaning developers can stay updated on any new changes and usage instructions.