NodeJS BCRYPT cost calculator
/**
 * Password BCRYPT Hash Cost Calculator for NodeJS
 *
 * Upload this script to your server and run it there: the timings depend on
 * the CPU, so measure on the machine that will hash passwords in production.
 *
 * You should choose a cost that will take at least 100ms (500ms preferably)
 *
 * Uses bcrypt.js from https://github.com/dcodeIO/bcrypt.js
 */
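const { performance } = require('perf_hooks');
const bcrypt = require('bcryptjs');

// Benchmark script: times bcrypt.hashSync() at increasing cost factors and
// reports the first costs whose hashing time exceeds 100ms and 500ms.
//
// Caveats for whoever applies the result:
//  - Each cost is timed once, so a loaded machine gives noisy numbers; re-run
//    the script a few times before settling on a value.
//  - The numbers are only valid for the library measured here (bcryptjs, a
//    pure-JavaScript implementation). A native bcrypt binding will be faster
//    at the same cost, so calibrate with the library production really uses.
//  - Timing sets the upper end of the choice, not the lower end: the OWASP
//    Password Storage Cheat Sheet asks for a bcrypt work factor of at least 10.
//  - hashSync() blocks the event loop for the whole measured time. That is
//    fine for a benchmark; a server should use the asynchronous bcrypt.hash().

// Upper time limit to check (milliseconds); the loop stops once one hash takes this long.
const upperTimeLimit = 1000;

// bcrypt's cost factor is limited to the range 4..31.
const MIN_COST = 4;
const MAX_COST = 31;

// Lowest work factor recommended by OWASP for bcrypt.
const RECOMMENDED_MIN_COST = 10;

// Fixed benchmark input, not a credential. bcrypt only processes the first
// 72 bytes of its input; this string is shorter than that.
const password = 'this_is_just_a_long_string_to_test_on_U8WNZqmz8ZVBNiNTQR8r';

console.log(`\nPassword BCRYPT Hash Cost Calculator\n`);
console.log(`We're going to run until the time to generate the hash takes longer than ${upperTimeLimit}ms`);

let firstCostAbove100 = null;
let firstCostAbove500 = null;

// Force bcrypt lib to init itself on first run (to not skew results).
// This call is a warm-up only; its duration is not measured.
bcrypt.hashSync(password, 0);

let cost = MIN_COST - 1;
let elapsedMs;
do {
  cost++;
  process.stdout.write(`Testing cost value of ${cost}:`);

  const startedAt = performance.now();
  bcrypt.hashSync(password, cost);
  elapsedMs = performance.now() - startedAt;

  console.log(`... took ${elapsedMs}ms`);

  // The two thresholds are checked independently. With an `else if`, a single
  // sample that crossed both marks at once would leave the 500ms cost unset.
  if (firstCostAbove100 === null && elapsedMs > 100) {
    firstCostAbove100 = cost;
  }
  if (firstCostAbove500 === null && elapsedMs > 500) {
    firstCostAbove500 = cost;
  }
  // Stop at the largest valid cost even if the time limit was never reached.
} while (elapsedMs < upperTimeLimit && cost < MAX_COST);

if (firstCostAbove100 === null || firstCostAbove500 === null) {
  // Only reachable when the cost ceiling was hit before a threshold was crossed.
  console.log(`\nCould not determine a range: 100ms first exceeded at cost ${firstCostAbove100}, 500ms at cost ${firstCostAbove500}`);
} else {
  console.log(`\nYou should use a cost between ${firstCostAbove100} and ${firstCostAbove500}`);
  if (firstCostAbove100 < RECOMMENDED_MIN_COST) {
    console.log(`Do not go below a cost of ${RECOMMENDED_MIN_COST}, whatever the timing says`);
  }
}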