I am working with the bcrypt nodejs module.
I am satisfied with it to encrypt and compare passwords, but it seems impossible to decrypt it.
I am wondering:
bcrypt module ?Thanks !
You don't decrypt passwords with bcrypt -- it's a one-way algorithm. What you do is store the hash of the original (salted) password. Then you hash the (salted) guess. If the hashes match, then the guess is correct.
For example, you might do this:
// "password"
var stored_hash = '$2a$10$vxliJ./aXotlnxS9HaJoXeeASt48.ddU7sHNOpXC/cLhgzJGdASCe'
bcrypt.compare(guess, stored_hash, function(err, res) {
});
Note that I've not salted this, so you'll need to do that. node-bcrypt salts the hash by default.
Much better way of doing that is using this node module https://github.com/davidwood/node-password-hash which can encrypt your password and also allow to veify encrypted version with the actual one.