DEV Community

Cover image for How to hash your passwords in Node.js Easily.
Syed Umair Ali
Syed Umair Ali

Posted on

How to hash your passwords in Node.js Easily.

Hello, fellow devs!

It's been a long time since I have written any new article here. So here is a small tutorial that I find very easy, fun, and also productive.

I'll show you a simple way how you can hash your passwords in node.js using Bcrypt.js.

The example I'm using today is from an API that I am making right now.

First, we will install a library called bcrypt.js using a simple npm command npm install bcryptjs and then import it into our project.

Imported libraries

And now I'll show the difference between an encrypted request and a not encrypted request made using postman. this is the request code without using bcrypt.js

Post request without bcrypt.js

This is the post request sent using postman without hashing.
Request without hashing

And this is the response I get.

Response of postman request

And now I will use the hashSync method provided by bcrypt.js to hash the user password field.

These are the changes required in the code. this is a simple function built into the bcrypt.js library.

Changes into code

And now in the response of the API, the password field will be in hashed form.

Password is now hashed

This is a simple way to hash your passwords in node.js.

Plus points if you can find the Simpsons reference. :)

Top comments (2)

raphym profile image
Raphael • Edited

You just hash your password, this is not called encrypt...

Encryption is a two-way function; what is encrypted can be decrypted with the proper key. Hashing, however, is a one-way function that scrambles plain text to produce a unique message digest. With a properly designed algorithm, there is no way to reverse the hashing process to reveal the original password. An attacker who steals a file of hashed passwords must then guess the password.

syedumaircodes profile image
Syed Umair Ali

Thank you for pointing it out.