Using sha256 isn't secure for password hashing
mootrichard opened this issue · 1 comments
mootrichard commented
sha256 is just a message digest, so it really shouldn't be used as an example for password hashing.
You can use argon2 though, which is considered the best current password hashing algorithm.
const argon2 = require('argon2');
try {
this.password = await argon2.hash("password");
} catch (err) {
//...
}
lujakob commented
Hey Richard, looks good to me. Thanks for the hint :)