Reputation: 51383
Could you use browserify to require node-bcrypt client-side and then send the hash to the server?
Could you use browserify to require node-bcrypt client-side and then send the hash to the server?
Does this just sound really awesome or could it actually provide more security then passing plaintext to the server over SSL? What if we are passing the plaintext via websockets?
Thanks!
Upvotes: 1
Views: 912
Answers (1)
Reputation: 146014
node-bcrypt depends on native OpenSSL support. In its current configuration, it won't work in the browser. According to this question, there are no pure javascript implementations of bcrypt, but blowfish, a similar algorithm, does have pure javascript implementations.
For question 2, stick with the standard of TLS (via HTTPS) for your end-to-end encryption. Chances that your functional requirements require something custom are pretty slim.
Upvotes: 4
Related Questions
- encrypt/decrypt passwords with node.js
- What is an alternative for bcrypt to use with node?
- Password hashing using bcrypt in nodejs
- Problems with bcrypt hash encryption - node.js
- bcrypt nodejs not works as expected
- How to hash password with bcryptjs in node?
- Node.js password hashing bcrypt alternative using crypto
- using a pure-JavaScript implementation of bcrypt
- Using bcrypt on Node.js results in validation failed
- Is there any NodeJS bcrypt module that does not rely on node-gyp?