Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

unixpass

Package Overview
Dependencies
Maintainers
1
Versions
9
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

unixpass

Native implementation of Unix compatible DES/MD5/SHA256/SHA512 password hashing.

  • 2.1.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
739
decreased by-44.1%
Maintainers
1
Weekly downloads
 
Created
Source

In A Nutshell

This is a native javascript implementation of Unix/Linux compatible password hashing. The currently implemented variants include legacy-DES (13 characters [./0-9A-Za-z]), extended-DES (underscore followed by 19 characters) MD5 ($1$), SHA256 ($5$), and SHA512 ($6$).

The ones missing are

  • Blowfish hashing ($2$, $2a$, $2b$, $2x$, $2y$)

Should some brave soul implement any or all of above, they will be accepted.

Usage

const up = require('unixpass');

// Returns password hash using SHA256
up.crypt('mypassword', '$5$saltsaltmoresalt');

// Returns a password hash with autogenerated salt using SHA512
up.mkpass('mypassword');

// Returns true if password matches hash, false otherwise
up.check('mypassword', '$1$saltsalt$dfhjlwheucnsdicbnwuibnwicb');

Caution!

Be aware that legacy-DES only cares about first 8 characters of the password. While no new passwords should be encrypted using that, it may be useful in validating some old stuff. Also, it is an interesting piece of history that deserves to be reimplemented also in js.

Author

Timo J. Rinne tri@iki.fi

License

GPL-2.0

Keywords

FAQs

Package last updated on 17 Jan 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc