stackoom
  简体   繁体   中英

Why isn't salt required to compare whether password is correct in bcrypt?

 原文  2017-01-10 08:22:31       node.js/ encryption/ bcrypt/ password-encryption

Question

I would like to use node.js bcrypt to hash passwords before storing them in the database.

This link provides the documentation. https://github.com/kelektiv/node.bcrypt.js

Here is an example on hashing the password. 

var bcrypt = require('bcrypt');
const saltRounds = 10;
const myPlaintextPassword = 's0/\/\P4$$w0rD';

var salt = bcrypt.genSaltSync(saltRounds);
var hash = bcrypt.hashSync(myPlaintextPassword, salt);
// Store hash in your password DB.

Here is the code to check the password. 

// Load hash from your password DB.
bcrypt.compareSync(myPlaintextPassword, hash); // true

This is what I don't understand. In bcrypt.compareSync , why is there no parameter salt ? Since the hash is generated from salt, why does comparing the plaintext password not involve the original salt used in hashing?

1 answers

solution1
 7 ACCPTED  2017-01-10 08:36:52

salt是数据库中字符串bcrypt存储的一部分,请参阅例如答案我是否需要使用bcrypt存储salt?

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question I don't know why bcrypt.compare with hashed password isn't same why hashedPassword = await bcrypt.hash(this.password, salt) is not working? Node.js bcrypt compare returns false for correct password Node js - Bcrypt - compare method returns false for the correct input password cannot compare password with bcrypt compare same salt, same password, different results (bcrypt) compare password with bCrypt returned false Bcrypt password compare not showing results Bcrypt password compare with mysql and nodejs how to compare bcrypt hash password
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM