I am working with the bcrypt
nodejs module.
I am satisfied with it to encrypt and compare passwords, but it seems impossible to decrypt it.
I am wondering:
bcrypt
module ?Thanks !
You don't decrypt passwords with bcrypt -- it's a one-way algorithm. What you do is store the hash of the original (salted) password. Then you hash the (salted) guess. If the hashes match, then the guess is correct.
Fortunately, the node-bcrypt
library does all of this for you, so you only need to provide the plaintext guess and the hash (from the database).
For example, you might do this:
// "password"; usually stored in the database in the user's row.
var stored_hash = '$2a$10$vxliJ./aXotlnxS9HaJoXeeASt48.ddU7sHNOpXC/cLhgzJGdASCe'
bcrypt.compare(guess, stored_hash, function(err, res) {
});