October 30, 20223 min read

Create SHA256 Hash with salt in Node.js

SHA256 is (atleast when it was created) a standardized 1-way function that takes in data input of any form and maps it to a fixed-size output string, irrespective of the size of the input string.

A salt is a randomly generated string of characters that is used as an additional input to a one-way hash function. Salts are used to protect against dictionary attacks and rainbow table attacks.

The SHA256 hash with salt is generated by concatenating the salt to the password and then hashing the resulting string. The salt is then appended to the generated hash to form the complete hash. This complete hash is then stored in the database. When a user attempts to login, the salt is retrieved from the database and used to generate a hash from the provided password. The generated hash is then compared to the hash stored in the database. If the two hashes match, the user is authenticated.

We can create an SHA256 hash of a string in Node.js without using an hash as well. In this article we will create a hash by using a salt.

If you are looking to generate sha256 checksum in nodejs, please follow this article - Creating SHA256 Hash with salt in Node.js.

The method below is for creating it in Node.js i.e., on the server side.

SHA256 hash with salt using crypto module

Here we will be using the default crypto module. Then, you can use it in your code to update the hash with password and salt.

Here is an example demonstrating using crypto and md5 implementation-

import { createHash } from "crypto";

const password = "password";
const salt = "80zzm081sr@nd0m";

const passhash = createHash("sha256")
  .update(createHash("sha256").update(salt, "utf8").digest("hex"))

The output of the above script will be an SHA256 hash with salt of password when you run the command node index.js in your shell-


Passwords can also be SHA256 hashed in the frontend JavaScript, but, its not advised to do it in the frontend, as your hash is now known to the attacker, eventually leading to a security breach.

If you looking to create an SHA256 hash of a file, please follow the article where we discuss as to how to read a file buffer and create the hash.

It's as simple as that! You do not need any fancy npm library for creating an SHA256 hash in Node.js.

I'm glad that you found the content useful. Happy Coding.

Share this blog
Like what you read?
Subscribe to our Newsletter
Subscribe to our email newsletter and unlock access to members-only content and exclusive updates.
About the Author
Satvik is a passionate developer turned Entrepreneur. He is fascinated by JavaScript, Operating System, Deep Learning, AR/VR. He has published several research papers and applied for patents in the field as well. Satvik is a speaker in conferences, meetups talking about Artificial Intelligence, JavaScript and related subjects. His goal is to solve complex problems that people face with automation. Related projects can be seen at - [Projects](/projects)
View all articles
Previous Article
Next Article