What is bcrypt?
1. Definition
bcrypt is a library used to hash passwords securely before storing them in a database. It converts plain-text passwords into a one-way hash, not reversible encryption, so the stored value cannot be decrypted back into the original password.
2. Why We Use bcrypt
- Passwords are stored securely
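- Limits the damage if the database is breached, because the stored hashes do not reveal the original passwords
- Protects against attacks that try to recover passwords from stolen hashes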
- Uses salting to strengthen security
3. How it Works
- User enters password
- bcrypt hashes the password
- Hashed password is stored in DB
- During login → password is compared with hash
4. Example
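const bcrypt = require("bcrypt");

// Hash password (10 is the cost factor, also called salt rounds)
bcrypt.hash("mypassword", 10, (err, hash) => {
  if (err) throw err;
  console.log(hash); // this is the value stored in the DB

  // Compare password with the stored hash.
  // This runs inside the callback because `hash` only exists here.
  bcrypt.compare("mypassword", hash, (err, result) => {
    if (err) throw err;
    console.log(result); // true or false
  });
});

5. Important Concept (Salt)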
Salt is a random value added to the password before hashing. It ensures that even if two users have the same password, their hashes will be different.
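bcrypt writes the salt and the cost factor into the hash string itself, which is why bcrypt.compare needs only the password and the stored hash. The added example below (not part of the original notes) parses that string and audits stored values against a minimum cost; the function names, the minimum-cost policy and the sample values are assumptions constructed for illustration.

```javascript
// Added example: split a stored bcrypt string into the fields bcrypt.compare() reads.
// Layout (60 chars): $<version>$<cost>$<22-char salt><31-char digest>
const BCRYPT_RE = /^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;

function parseBcryptHash(stored) {
  const m = BCRYPT_RE.exec(String(stored));
  if (!m) return null; // plain text, another scheme, or a truncated column
  const cost = Number(m[2]);
  if (cost < 4 || cost > 31) return null; // bcrypt defines cost 4..31 only
  return { version: m[1], cost, rounds: 2 ** cost, salt: m[3], digest: m[4] };
}

// Hypothetical audit helper: label one stored value against a minimum cost.
function auditStoredValue(stored, minCost) {
  const parsed = parseBcryptHash(stored);
  if (parsed === null) return "not-bcrypt";
  return parsed.cost < minCost ? "rehash-on-login" : "ok";
}

// Constructed samples: correct shape only, not real hashes of any password.
const SALT_A = "abcdefghijklmnopqrstuu"; // 22 chars
const SALT_B = "ZYXWVUTSRQPONMLKJIHGFe"; // 22 chars
const DIGEST = "0123456789ABCDEFGHIJKLMNOPQRSTU"; // 31 chars
const samples = {
  alice: "$2b$10$" + SALT_A + DIGEST,                 // cost 10
  bob: "$2b$04$" + SALT_B + DIGEST,                   // weak cost 4
  carol: ("$2b$10$" + SALT_A + DIGEST).slice(0, 50),  // cut by a too-short column
  dave: "mypassword",                                 // stored in plain text
};

// Audit every record; returns { user: "ok" | "rehash-on-login" | "not-bcrypt" }.
function auditAll(records, minCost) {
  const report = {};
  for (const [user, stored] of Object.entries(records)) {
    report[user] = auditStoredValue(stored, minCost);
  }
  return report;
}

console.log(parseBcryptHash(samples.alice));
console.log(auditAll(samples, 10));
```

A record labelled "rehash-on-login" can only be upgraded when the user next logs in successfully, because that is the only moment the plain-text password is available to hash again at the higher cost.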
6. Advantages
- Strong password security
- Built-in salting
- Slows down brute-force attacks through its adjustable cost factor (the 10 in the example)
- Widely used in authentication systems