Node Password Hash

Password hashing and verification for node.js
Alternatives To Node Password Hash
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Blake33,8361454 days ago25January 25, 202299otherAssembly
the official Rust and C implementations of the BLAKE3 cryptographic hash function
Jssha2,1571,6573802 months ago20December 07, 20202bsd-3-clauseTypeScript
A JavaScript/TypeScript implementation of the complete Secure Hash Standard (SHA) family (SHA-1, SHA-224/256/384/512, SHA3-224/256/384/512, SHAKE128/256, cSHAKE128/256, and KMAC128/256) with HMAC.
Imagehash1,87830213 days ago14November 29, 202132mitPHP
🌄 Perceptual image hashing for PHP
2 months ago49gpl-3.0C++
📝 File hashing and checking shell extension
3 years ago1February 27, 20183otherC++
Advanced library for randomization, hashing and statistical analysis (devoted to chaos machines). :microscope:
Deepdiff1,6114082244 days ago63April 10, 202259otherPython
DeepDiff: Deep Difference and search of any Python object/data. DeepHash: Hash of any object based on its contents. Delta: Use deltas to reconstruct objects by adding deltas together.
Cryptopasta1,509123684 years agoOctober 03, 202111otherGo
copy & paste-friendly golang crypto
Robin Hood Hashing1,283
2 months ago17mitC++
Fast & memory efficient hashtable based on robin hood hashing for C++11/14/17/20
Object Hash1,257179,5491,46811 days ago47February 18, 202235mitJavaScript
Generate hashes from javascript objects in node and the browser.
Name That Hash1,214
2 months ago6gpl-3.0Python
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
Alternatives To Node Password Hash
Select To Compare

Alternative Project Comparisons

Deprecated: Use bcrypt or scrypt

node-password-hashBuild Status

password-hash is a node.js library to simplify use of hashed passwords.

Storing passwords in plain-text is bad. This library makes the storing of passwords (and subsequent validation of) hashed passwords a bit easier.

password-hash provides functions for generating a hashed passwords and verifying a plain-text password against a hashed password. For a bit of added strength, a random salt is generated when the password is hashed. The hashed password contains both the cryptographic algorithm that was used as well the salt, so all that is needed to verify a plain-text password is the hashed password itself.


npm install password-hash


generate(password, [options])

Generates a hash of the required password argument. Hashing behavior can be modified with the optional options object:

  • algorithm - A valid cryptographic algorithm for use with the crypto.createHmac function, defaults to 'sha1'.
  • saltLength - The length of the salt that will be generated when the password is hashed, defaults to 8.
  • iterations - The number of times the hashing algorithm should be applied, defaults to 1.

Errors are thrown if:

  • password is not a string
  • options.algorithm is specified but not a valid cryptographic algorithm
  • options.saltLength is specified but not a positive integer

The hashed password will be in the format algorithm$salt$hash.


    var passwordHash = require('password-hash');

    var hashedPassword = passwordHash.generate('password123');

    console.log(hashedPassword); // sha1$3I7HRwy7$cbfdac6008f9cab4083784cbd1874f76618d2a97

verify(password, hashedPassword)

Compares a plain-text password (password) to a hashed password (hashedPassword) and returns a boolean. Both arguments are required.


    var passwordHash = require('./lib/password-hash');

    var hashedPassword = 'sha1$3I7HRwy7$cbfdac6008f9cab4083784cbd1874f76618d2a97';
    console.log(passwordHash.verify('password123', hashedPassword)); // true
    console.log(passwordHash.verify('Password0', hashedPassword)); // false


Check if a password (password) is hashed. Returns a boolean.


    var passwordHash = require('./lib/password-hash');

    var hashedPassword = 'sha1$3I7HRwy7$cbfdac6008f9cab4083784cbd1874f76618d2a97';
    console.log(passwordHash.isHashed('password123')); // false
    console.log(passwordHash.isHashed(hashedPassword)); // true

Salt Generation

node 0.5.8 introduced crypto.randomBytes, which generates cryptographically strong pseudo-random data. If the version of node supports crypto.randomBytes it is used to generate the salt, otherwise Math.random, which is not cryptographically strong, is used. This is handled transparently within the salt generation function and does not impact the module's API.

Inspired by

password-hash is inspired by the password hashing found in Werkzeug.

Popular Hashing Projects
Popular Hash Projects
Popular Computer Science Categories

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.