Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

checkr

Package Overview
Dependencies
Maintainers
1
Versions
12
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

checkr

A lightweight and secure checksum validator for passwords and other sensitive data.

  • 0.1.2
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

#Checkr

A secure way of storing passwords and other sensitive identification information on a database is to store the checksums of the data, instead of storing the data itself. If a database is hacked or otherwise inappropriately accessed, only the checksums can be obtained, making it very hard to discover the actual password used to login. When a login is requested, the checksums of the login password and the password stored in the database can be compared. Checkr provides a simple interface for verifying passwords, whose checksum objects or individual checksums can be easily stored on and read from a database. Checkr has been fully optimized at the ease of the V8 engine.

##Include Checkr

var checkr = require('checkr');

##Create a Checkr hash object

var phash = checkr('password');

##Checkr hash levels

1: 'md4',
2: 'md5',
4: 'sha',
8: 'sha1',
16: 'sha224',
32: 'sha256',
64: 'sha384',
128: 'sha512'

The hashtypes can be used as bitfields, to customize verification. Note: sha is sha-0.

Examples:
255:		full check
1 | 2:		md4 and md5
16 | 32: 	sha224 and sha256
2 | 8:		md5 and sha1

The standard (default) hashtype is 10, which uses md5 and sha1 to verify.

Hastypes can be passed in as a second argument to the checkr module.

##Checkr verify hash objects

phash._(qhash);

Returns a boolean, representing whether the objects are hash-equivalent.

##Example

var checkr = require('checkr');
var phash = checkr('password');
phash._(checkr('password')); // Returns true
phash._(checkr('spassword')); // Returns false

##Clarification

During benchmarking, checkr was shown to slow down greatly if the module itself was used as a function. Therefore the function checkr#_ was implemented in production.

##Speedtest

True Cases
1 Million Comprehensive Checks - Cached: 0 s, 314.317 ms
1 Million Standard Checks - Cached: 0 s, 86.000 ms
1 Million Basic Checks - Cached: 0 s, 48.131 ms

1 Thousand Comprehensive Checks - Cached: 0 s, 0.342 ms
1 Thousand Standard Checks - Cached: 0 s, 0.094 ms
1 Thousand Basic Checks - Cached: 0 s, 0.056 ms

1 Thousand Comprehensive Checks - Evaluated: 0 s, 210.983 ms
1 Thousand Standard Checks - Evaluated: 0 s, 67.534 ms
1 Thousand Basic Checks - Evaluated: 0 s, 15.228 ms

False Cases
1 Million Comprehensive Checks - Cached: 0 s, 52.174 ms
1 Million Standard Checks - Cached: 0 s, 51.852 ms
1 Million Basic Checks - Cached: 0 s, 51.580 ms

1 Thousand Comprehensive Checks - Cached: 0 s, 0.057 ms
1 Thousand Standard Checks - Cached: 0 s, 0.055 ms
1 Thousand Basic Checks - Cached: 0 s, 0.181 ms

1 Thousand Comprehensive Checks - Evaluated: 0 s, 195.526 ms
1 Thousand Standard Checks - Evaluated: 0 s, 40.295 ms
1 Thousand Basic Checks - Evaluated: 0 s, 40.676 ms

Keywords

FAQs

Package last updated on 26 Jul 2014

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc