Web Security
Hoe secure je passwords?
Best practices voor password handling.
Password security
Hash passwords (bcrypt, argon2) - NEVER plain text Salt - random unique string per password RateLimit login attempts Require strong passwords
Code Voorbeelden
JAVASCRIPTPassword hashing
import bcrypt from 'bcrypt';
// Registering
const password = req.body.password;
const hashedPassword = await bcrypt.hash(password, 10);
user.password = hashedPassword; // Store hash, not plain text
// Login
const isValid = await bcrypt.compare(password, user.password);
if (isValid) {
// Password correct
}💡 Praktijk Tips
NOOIT passwords in plain text opslaan. Bcrypt of Argon2 gebruiken.
Relevante trefwoorden
passwordbcrypthashing