Bug - Invalid salt revision
Whenever I ran compareSync(password, passwordHash) I would see the error "Invalid salt revision".
What did it mean? Where did it come from?
This is the code in the library:

    minor = salt.charAt(2);
    if (minor != 'a' || salt.charAt(3) != '$')
        throw "Invalid salt revision";
    off = 4;

That means it is looking for the letter a in the index 2 position. I checked the password hash and saw that all of mine started with $2b. What is the difference between $2a and $2b? It's a long story that includes many other $2<letter> versions, but in short, researchers may discover bugs in implementations and will use this lettering to distinguish between older and newer implementations.
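
An added example, not code from bcrypt-nodejs or from the original post: it parses the bcrypt hash prefix and applies the same revision condition as the quoted snippet to a list of stored hashes, showing which ones that check rejects. The function names and the sample hashes are constructed for illustration.

```javascript
// Modular crypt format for bcrypt:
//   $2<minor>$<cost>$<22-char salt><31-char digest>
const BCRYPT_RE =
  /^\$2([a-z])?\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;

// Split a stored hash into its fields, or return null if it is not bcrypt-shaped.
function parseBcryptHash(hash) {
  const m = BCRYPT_RE.exec(hash);
  if (!m) return null;
  return { revision: '2' + (m[1] || ''), cost: Number(m[2]), salt: m[3], digest: m[4] };
}

// Mirrors only the quoted lines: the character at index 2 must be 'a',
// followed by '$'. Any other minor revision throws in the library.
function passesLegacyRevisionCheck(hash) {
  const minor = hash.charAt(2);
  return minor === 'a' && hash.charAt(3) === '$';
}

// Sort stored hashes into those the check accepts, those it rejects
// because of the revision letter, and values that are not bcrypt at all.
function auditHashes(hashes) {
  const report = { ok: [], rejectedRevision: [], malformed: [] };
  for (const h of hashes) {
    const parsed = parseBcryptHash(h);
    if (!parsed) report.malformed.push(h);
    else if (passesLegacyRevisionCheck(h)) report.ok.push(parsed.revision);
    else report.rejectedRevision.push(parsed.revision);
  }
  return report;
}

// Constructed sample values with the right shape; not real password hashes.
const BODY = 'A'.repeat(22) + 'B'.repeat(31);
const SAMPLE_HASHES = [
  '$2a$10$' + BODY,
  '$2b$10$' + BODY,
  '$2y$12$' + BODY,
  'not-a-hash',
];

console.log(auditHashes(SAMPLE_HASHES));
```
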
bcrypt-nodejs is old.
bcrypt-nodejs is no longer maintained - DO NOT USE IT
Ask your users to create new passwords OR, if you haven't launched, create new passwords using