Bcrypt password hashing library for Elixir.
Bcrypt is a well-tested password-based key derivation function that can be configured to remain slow and resistant to brute-force attacks even as computational power increases.
This version is based on the OpenBSD version of Bcrypt and supports
the $2b$
and $2a$
prefixes. For advice on how to use hashes with
the $2y$
prefix, see this issue.
In version 2.0, bcrypt_elixir has been updated to implement the Comeonin and Comeonin.PasswordHash behaviours.
It now has the following two additional convenience functions:
add_hash/2
- same as Comeonin.Bcrypt.add_hash in Comeonin version 4
- hashes a password and returns a map with the password hash
check_pass/3
- same as Comeonin.Bcrypt.check_pass in Comeonin version 4
- takes a user struct and password as input and verifies the password
- Add bcrypt_elixir to the
deps
section of your mix.exs file:
If you are using Erlang >20:
def deps do
[
{:bcrypt_elixir, "~> 2.0"}
]
end
If you are using Erlang 19 or below:
def deps do
[
{:bcrypt_elixir, "~> 0.12"}
]
end
-
Make sure you have a C compiler installed. See the Comeonin wiki for details.
-
Optional: during tests (and tests only), you may want to reduce the number of rounds so it does not slow down your test suite. If you have a config/test.exs, you should add:
config :bcrypt_elixir, :log_rounds, 4
See the Comeonin wiki for more information on the following topics:
- algorithms
- requirements
- deployment
- including information about using Docker
- references
There are many ways you can contribute to the development of this library, including:
- reporting issues
- improving documentation
- sharing your experiences with others
- making a financial contribution
First of all, I would like to emphasize that this software is offered free of charge. However, if you find it useful, and you would like to buy me a cup of coffee, you can do so at paypal.
http://hexdocs.pm/bcrypt_elixir
BSD. For full details, please read the LICENSE file.