Don't use MD5 or any type of hashing algorithm. Hash algorithms are made to run over a lot of data very quickly. Very quick is exactly what you don't want when securing your passwords. To properly store passwords you want an encryption algorithm. The bcrypt module mentioned prior is what I use. Here are a couple links for reading:
http://dustwell.com/how-to-handle-passwords-bcrypt.html http://codahale.com/how-to-safely-store-a-password/ http://security.stackexchange.com/questions/4781/do-any-security-experts-recommend-bcrypt-for-password-storage On Thursday, November 22, 2012 4:54:47 AM UTC-8, cherry wrote: > > > i've registration form and i'm sending that data to mongodb through > mongoskin driver and i want to encrypt those passwords at server side using > md5. can u plz help me. > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
