Skip to content

Instantly share code, notes, and snippets.

@mba7
mba7 / crypto-pbkdf2-promise-example.js
Last active October 12, 2020 14:39 — forked from skeggse/crypto-pbkdf2-example.js
Example of using crypto.pbkdf2 to hash and verify passwords asynchronously using bluebird promise, while storing the hash and salt in a single combined buffer along with the original hash settings
var Promise = require('bluebird');
var crypto = Promise.promisifyAll(require("crypto"));
// http://security.stackexchange.com/questions/110084/parameters-for-pbkdf2-for-password-hashing
var config = {
hashBytes : 64, // size of the generated hash (to be chosen accordint the the chosen algo)
saltBytes : 16, // sise of the salt : larger salt means hashed passwords are more resistant to rainbow table
iterations : 500000, // tune so that hashing the password takes about 1 second
algo :'sha512',
encoding : 'base64' // hex is readable but base64 is shorter