Skip to content
-
Password Encryption in Node.js using bcryptjs Module
Last Updated :
12 Jun, 2024
When developing applications, one of the critical aspects of user authentication is ensuring that passwords are stored securely. Plain text storage of passwords is a significant security risk. Instead, passwords should be encrypted using strong hashing algorithms. In Node.js, one of the popular modules for this purpose is bcryptjs.
What is bcryptjs?
bcryptjs is a JavaScript implementation of the bcrypt password hashing function. It is designed to be secure and efficient, making it a suitable choice for hashing passwords in Node.js applications.
Key Features
- Security: Uses a computationally intensive hashing algorithm to make brute-force attacks difficult.
- Salting: Adds a unique salt to each password to ensure that even if two users have the same password, their hashes will be different.
- Cross-Platform: Works across different operating systems and platforms.
Approach
To encrypt password in Node App using bcrypt module, firstly
- The
bcryptjs module is imported. A plain text password password is defined. A variable hashedPassword is declared to store the hashed password. bcrypt.genSalt(10, function (err, Salt) {...}) generates a salt with 10 rounds and executes a callback function with the generated salt.- Inside the salt generation callback,
bcrypt.hash(password, Salt, function (err, hash) {...}) hashes the password with the generated Salt. - If an error occurs, an error message is logged. If successful, the hashed password is stored in
hashedPassword and logged. bcrypt.compare(password, hashedPassword, async function (err, isMatch) {...}) compares the original password with the hashed password.- If they match, logs indicate successful encryption and matching. If they don't match, an error message is logged.
Steps to Set Up Node Project and Implement bcrypt
Step 1: You can visit the link to Install bcryptjs module. You can install this package by using this command.
npm install bcryptjs
Step 2: After installing bcryptjs module you can check your request version in the command prompt using the command.
npm version bcryptjs
Step 3: After that, you can create a folder and add a file for example index.js, To run this file you need to run the following command.
node index.js
Example: Implementation to show encryption in Node.js using bcryptjs module
Node
// Filename - index.js
// Requiring module
const bcrypt = require('bcryptjs');
const password = 'pass123';
const hashedPassword;
// Encryption of the string password
bcrypt.genSalt(10, function (err, Salt) {
// The bcrypt is used for encrypting password.
bcrypt.hash(password, Salt, function (err, hash) {
if (err) {
return console.log('Cannot encrypt');
}
hashedPassword = hash;
console.log(hash);
bcrypt.compare(password, hashedPassword,
async function (err, isMatch) {
// Comparing the original password to
// encrypted password
if (isMatch) {
console.log('Encrypted password is: ', password);
console.log('Decrypted password is: ', hashedPassword);
}
if (!isMatch) {
// If password doesn't match the following
// message will be sent
console.log(hashedPassword + ' is not encryption of '
+ password);
}
})
})
})
Step to run the application: Run the application using the following command:
node index.js
Output: We will see the following output on the console screen.
$2a$10$4DRBPlbjKO7WuL2ndpbisOheLfgVwDlngY7t18/ZZBFNcW3HdWFGm Encrypted password is: pass123 Decrypted password is: $2a$10$4DRBPlbjKO7WuL2ndpbisOheLfgVwDlngY7t18/ZZBFNcW3HdWFGm
Similar Reads
Node JS | Password Hashing with Crypto module In real-life applications with User authentication functionality, storing the user passwords as the original string in the database is not practical. Still, it is good practice to hash the password and then store them in the database. Crypto module for Node JS helps developers to hash user passwords
5 min read
Explain the use of crypto module in Node.js In this article, we will explore the crypto module and what are its uses in Node.js. NodeJS supports a large number of third-party modules. These modules can be used for performing different kinds of tasks. The crypto module is also a 3rd party module that can be imported and used in NodeJS. This mo
3 min read
Password Hashing with MD5 module in Node.js MD5 module in node.js uses a message-digest algorithm and it is a widely used hash function producing a 128-bit hash value. Password hashing is an important concept because, in the database, the actual password should not be stored as its a bad practice and also make the system less secure, so the p
2 min read
Google Authentication using Passport in Node.js The following approach covers how to authenticate with google using passport in nodeJs. Authentication is basically the verification of users before granting them access to the website or services. Authentication which is done using a Google account is called Google Authentication. We can do Google
2 min read
How to Build Password Generator using Node.js? Creating a password generator is a common and practical programming task that helps enhance security by generating random passwords. Using Node.js, you can build a simple and effective password generator with various features, such as customizable length, inclusion of special characters, and more. T
3 min read
Node.js crypto.sign() Function Cryptography is the process of converting plain text into unreadable which is hashed from text and vice-versa and the crypto.sign() is used to create signature of data. Syntax: crypto.sign(algorithm, data, key)Parameters: This function accepts the following parameters: algorithm: It is a string-ty
3 min read
`;
$(commentSectionTemplate).insertBefore(".article--recommended");
}
loadComments();
});
});
function loadComments() {
if ($("iframe[id*='discuss-iframe']").length top_of_element && top_of_screen articleRecommendedTop && top_of_screen articleRecommendedBottom)) {
if (!isfollowingApiCall) {
isfollowingApiCall = true;
setTimeout(function(){
if (loginData && loginData.isLoggedIn) {
if (loginData.userName !== $('#followAuthor').val()) {
is_following();
} else {
$('.profileCard-profile-picture').css('background-color', '#E7E7E7');
}
} else {
$('.follow-btn').removeClass('hideIt');
}
}, 3000);
}
}
});
}
$(".accordion-header").click(function() {
var arrowIcon = $(this).find('.bottom-arrow-icon');
arrowIcon.toggleClass('rotate180');
});
});
window.isReportArticle = false;
function report_article(){
if (!loginData || !loginData.isLoggedIn) {
const loginModalButton = $('.login-modal-btn')
if (loginModalButton.length) {
loginModalButton.click();
}
return;
}
if(!window.isReportArticle){
//to add loader
$('.report-loader').addClass('spinner');
jQuery('#report_modal_content').load(gfgSiteUrl+'wp-content/themes/iconic-one/report-modal.php', {
PRACTICE_API_URL: practiceAPIURL,
PRACTICE_URL:practiceURL
},function(responseTxt, statusTxt, xhr){
if(statusTxt == "error"){
alert("Error: " + xhr.status + ": " + xhr.statusText);
}
});
}else{
window.scrollTo({ top: 0, behavior: 'smooth' });
$("#report_modal_content").show();
}
}
function closeShareModal() {
const shareOption = document.querySelector('[data-gfg-action="share-article"]');
shareOption.classList.remove("hover_share_menu");
let shareModal = document.querySelector(".hover__share-modal-container");
shareModal && shareModal.remove();
}
function openShareModal() {
closeShareModal(); // Remove existing modal if any
let shareModal = document.querySelector(".three_dot_dropdown_share");
shareModal.appendChild(Object.assign(document.createElement("div"), { className: "hover__share-modal-container" }));
document.querySelector(".hover__share-modal-container").append(
Object.assign(document.createElement('div'), { className: "share__modal" }),
);
document.querySelector(".share__modal").append(Object.assign(document.createElement('h1'), { className: "share__modal-heading" }, { textContent: "Share to" }));
const socialOptions = ["LinkedIn", "WhatsApp","Twitter", "Copy Link"];
socialOptions.forEach((socialOption) => {
const socialContainer = Object.assign(document.createElement('div'), { className: "social__container" });
const icon = Object.assign(document.createElement("div"), { className: `share__icon share__${socialOption.split(" ").join("")}-icon` });
const socialText = Object.assign(document.createElement("span"), { className: "share__option-text" }, { textContent: `${socialOption}` });
const shareLink = (socialOption === "Copy Link") ?
Object.assign(document.createElement('div'), { role: "button", className: "link-container CopyLink" }) :
Object.assign(document.createElement('a'), { className: "link-container" });
if (socialOption === "LinkedIn") {
shareLink.setAttribute('href', `https://www.linkedin.com/sharing/share-offsite/?url=${window.location.href}`);
shareLink.setAttribute('target', '_blank');
}
if (socialOption === "WhatsApp") {
shareLink.setAttribute('href', `https://api.whatsapp.com/send?text=${window.location.href}`);
shareLink.setAttribute('target', "_blank");
}
if (socialOption === "Twitter") {
shareLink.setAttribute('href', `https://twitter.com/intent/tweet?url=${window.location.href}`);
shareLink.setAttribute('target', "_blank");
}
shareLink.append(icon, socialText);
socialContainer.append(shareLink);
document.querySelector(".share__modal").appendChild(socialContainer);
//adding copy url functionality
if(socialOption === "Copy Link") {
shareLink.addEventListener("click", function() {
var tempInput = document.createElement("input");
tempInput.value = window.location.href;
document.body.appendChild(tempInput);
tempInput.select();
tempInput.setSelectionRange(0, 99999); // For mobile devices
document.execCommand('copy');
document.body.removeChild(tempInput);
this.querySelector(".share__option-text").textContent = "Copied"
})
}
});
// document.querySelector(".hover__share-modal-container").addEventListener("mouseover", () => document.querySelector('[data-gfg-action="share-article"]').classList.add("hover_share_menu"));
}
function toggleLikeElementVisibility(selector, show) {
document.querySelector(`.${selector}`).style.display = show ? "block" : "none";
}
function closeKebabMenu(){
document.getElementById("myDropdown").classList.toggle("show");
}