Create MD5 Hash with salt in Node.js
MD5 is (atleast when it was created) a standardized 1-way function that takes in data input of any form and maps it to a fixed-size output string, irrespective of the size of the input string.
Though it is used as a cryptographic hash function, it has been found to suffer from a lot of vulnerabilities.
A salt is a randomly generated string of characters that is used as an additional input to a one-way hash function. Salts are used to protect against dictionary attacks and rainbow table attacks.
The MD5 hash with salt is generated by concatenating the salt to the password and then hashing the resulting string. The salt is then appended to the generated hash to form the complete hash. This complete hash is then stored in the database. When a user attempts to login, the salt is retrieved from the database and used to generate a hash from the provided password. The generated hash is then compared to the hash stored in the database. If the two hashes match, the user is authenticated.
We can create an MD5 hash of a string in Node.js without using an hash as well. In this article we will create a hash by using a salt.
If you are looking to generate md5 checksum in nodejs, please follow this article - Creating MD5 Hash with salt in Node.js.
The method below is for creating it in Node.js i.e., on the server side.
MD5 hash with salt using crypto module
Here we will be using the default crypto module. Then, you can use it in your code to update the hash with password and salt.
Here is an example demonstrating using crypto and md5 implementation-
import { createHash } from "crypto";
const password = "password";
const salt = "80zzm081sr@nd0m";
const passhash = createHash("md5")
.update(password)
.update(createHash("md5").update(salt, "utf8").digest("hex"))
.digest("hex");
console.log(passhash);
The output of the above script will be an MD5 hash with salt of password when you run the command node index.js in your shell-
5d224cc2ba030bac93e6ac0e0ecc18e7
Passwords can also be MD5 hashed in the frontend JavaScript, but, its not advised to do it in the frontend, as your hash is now known to the attacker, eventually leading to a security breach.
If you looking to create an MD5 hash of a file, please follow the article where we discuss as to how to read a file buffer and create the hash.
NOTE : Please do not use this to hash passwords and store it in your databases, prefer SHA-256 with salt or SHA-512 with salt or other superior cryptographic hash functions for the same.
It's as simple as that! You do not need any fancy npm library for creating an MD5 hash in Node.js.
I'm glad that you found the content useful. Happy Coding.
