I am using bcrypt to generate salts and hash passwords, but I do not think that it is doing it very securely. When I use the following code:
bcrypt.genSalt(10, function(err, salt) {
user.salt = salt;
bcrypt.hash(password, salt, function(err, hash) {
user.hashed_password = hash;
console.log(user.salt);
console.log(user.hashed_password);
user.save(function(err) {
if (err) console.log(err);
console.log("saved");
});
});
});
In one example, the salt is: $2a$10$mFFjRpY1Vrq7Fy1fFp0fMO
and the hashed_password is: $2a$10$mFFjRpY1Vrq7Fy1fFp0fMOVnlv9cKgAFdCQ5xdtlP6UoKz90i1FMu
The beginning of the hashed password is the exact same as the salt. If an attacker has access to the salt, can't he just remove the salt from the hashed_password and either brute force or use a table of predetermined hashed values to determine the password?
I always thought this should be the order of hashing a password:
hash(salt + password)
Not:
salt + hash(password)
The beginning of the hashed password is the salt because you need access to the salt in order to verify the password.
The data you see is neither hash (salt + password) nor salt + hash(password) -- it is of the form
salt + hash(salt + password)
If an attacker gains access to this data, then:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With