
Password hashing with bcrypt in Node.js - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is the main purpose of using bcrypt for password hashing?
Bcrypt securely hashes passwords to protect them from being easily read or reversed if stolen. It adds a salt and uses multiple rounds to slow down attackers.
beginner
What does the 'salt' do in bcrypt hashing?
A salt is random data added to the password before hashing. It ensures that even identical passwords have different hashes, preventing attackers from using precomputed tables.
beginner
How do you verify a password using bcrypt in Node.js?
You use bcrypt's compare function to check if the plain password matches the stored hashed password. It returns true if they match, false otherwise.
intermediate
What is the significance of the 'salt rounds' parameter in bcrypt?
Salt rounds control how many times the hashing process runs. More rounds mean stronger security but slower hashing. A common value is 10.
beginner
Show a simple example of hashing a password with bcrypt in Node.js.
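```js
import bcrypt from 'bcrypt';

async function hashPassword() {
  // Demo value only; in a real app the password comes from user input.
  const password = 'mySecret123';
  // Cost setting: more rounds means slower hashing.
  const saltRounds = 10;
  // bcrypt.hash() generates the salt and returns the hash as a string.
  const hash = await bcrypt.hash(password, saltRounds);
  console.log(hash);
}

hashPassword();
```
This code creates a hashed password asynchronously.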
What does bcrypt add to a password before hashing to make it more secure?
A. A suffix
B. A prefix
C. A checksum
D. A salt
Which bcrypt function checks if a password matches a stored hash?
A. bcrypt.hash()
B. bcrypt.compare()
C. bcrypt.verify()
D. bcrypt.check()
What happens if you increase the salt rounds in bcrypt?
A. Hashing becomes slower
B. Hashing becomes faster
C. Hashing output becomes shorter
D. Hashing output becomes predictable
Why should you never store plain passwords in your database?
A. They are hard to read
B. They take more space
C. They can be easily stolen and misused
D. They slow down the app
Which of these is a valid bcrypt salt rounds value commonly used?
A. 10
B. 1
C. 5
D. 100
Explain how bcrypt protects passwords and why it is better than simple hashing.
Think about what makes bcrypt hashes different and harder to crack.
Describe the steps to hash and verify a password using bcrypt in Node.js.
Consider both creating the hash and checking it later.