🔑JWT & Auth

Secure Password Hashing

Standard patterns for storing passwords securely using bcrypt or argon2.

Explanation

Passwords should never be stored in plain text. Modern password-hashing algorithms such as bcrypt and Argon2 include a built-in random salt and a tunable work factor (cost) that deliberately slows down brute-force and dictionary attacks against stolen hashes.

Examples

bcrypt Hash (output)
$2b$12$6pX...

Code Examples

bcrypt Format: $2b$12$6pX...
$2b$     Algorithm identifier (bcrypt, "2b" revision)
12       Work Factor / Cost
$6pX...  Salt + Hash (encoded together)

💡 Tips

  • Use a cost factor of at least 10-12 for bcrypt
  • Argon2id is currently considered the most secure choice
  • Never use MD5 or SHA-1 (or any plain, unsalted fast hash) for password storage

⚠️ Common Pitfalls

  • A low work factor makes the hash cheap to brute-force offline once the hash is leaked
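
The following is an added example (not part of the original page) that ties the bcrypt Format breakdown above to the low-work-factor pitfall: it splits a stored bcrypt string into its fields, rejects malformed input, and flags hashes whose cost is below the recommended floor so they can be rehashed at next login. The sample hash strings are constructed for illustration and are not real bcrypt output; the regex, field lengths and 4..31 cost range follow the standard bcrypt modular crypt format.

```python
import re

# bcrypt modular crypt format: $<id>$<cost>$<22-char salt><31-char hash>
# Salt and hash share bcrypt's own base64 alphabet (./A-Za-z0-9).
BCRYPT_RE = re.compile(
    r"^\$(?P<alg>2[abxy]?)\$(?P<cost>\d{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<hash>[./A-Za-z0-9]{31})$"
)

MIN_COST = 12  # recommended floor from the tips above


def parse_bcrypt(encoded: str) -> dict:
    """Split a bcrypt string into algorithm, cost, salt and hash; raise on bad input."""
    m = BCRYPT_RE.match(encoded)
    if not m:
        raise ValueError("not a well-formed bcrypt hash")
    cost = int(m.group("cost"))
    if not 4 <= cost <= 31:  # the range bcrypt implementations accept
        raise ValueError(f"cost {cost} outside bcrypt's 4..31 range")
    return {"alg": m.group("alg"), "cost": cost,
            "salt": m.group("salt"), "hash": m.group("hash")}


def cost_is_acceptable(encoded: str, minimum: int = MIN_COST) -> bool:
    """Policy check for auditing stored hashes: False means 'rehash this one'."""
    return parse_bcrypt(encoded)["cost"] >= minimum


def relative_work(cost_a: int, cost_b: int) -> int:
    """bcrypt performs 2**cost key-setup rounds, so each +1 doubles the attacker's effort."""
    return 2 ** (cost_b - cost_a)


# Constructed sample values: the salt/hash characters are illustrative only.
GOOD = "$2b$12$6pXabcdefghijklmnopqrsABCDEFGHIJKLMNOPQRSTUVWXYZ01234"
WEAK = "$2a$05$6pXabcdefghijklmnopqrsABCDEFGHIJKLMNOPQRSTUVWXYZ01234"

if __name__ == "__main__":
    for h in (GOOD, WEAK):
        f = parse_bcrypt(h)
        print(f"alg={f['alg']:<3} cost={f['cost']:2} acceptable={cost_is_acceptable(h)}")
    print("cost 12 vs 5:", relative_work(5, 12), "x more work per guess")
```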