Just the exact amount of information needed to understand the essence bcrypt and practical explanation so it becomes more clearer in the aspect of code writing. Thank You Sam
Thanks, m'dude! I can get lost in long guides, but this video makes things really clear, and hashing feels pretty easy now! I also love the clear practical demos!
I am currently building a student project, responsible for member management,register and login logout. I made fake users table, at first only plain text and then I were suggested to use bcrypt. I generate bcrypts and store them back into the database, but I have to inpkut the bcrypt to login, I cannot use plain text to login. That’s very weired!
I'm curious, without knowing exactly how the hashing algo does its thing, couldn't I just make up my own algo where a = 5236, b = 5267, c = 4523, so on and so forth, assigning each allowable character a value, then taking those values and do several other things with the result to make the process consistently repeatable so I can compare the result of my "hashing algo" with the original password, instead of using a publicly available tool like bcrypt? What would be the downside to this?
Is this bcrypt still secure these days and standard in storing passwords? I saw you showed some docs saying use bcrypt as second only against argon2id something
usernames aren't generally sensitive information, we display them publicly, so encryption isn't necessary and just takes more time. If you encrypt a username, you always need to decrypt it to use it. If you store it in a database, it makes looking up some data by a username way more difficult. Also, keep in mind, that bcrypt is hashing, not encrypting. If you hash a username, you'll never be able to get that username back, so never do that.
@@SamMeechWard thank you and that makes sense. And also thank you for uploading content regarding AWS S3 and other services, you don’t understand how helpful they are. Is there any other way of contacting you?
Just the exact amount of information needed to understand the essence bcrypt and practical explanation so it becomes more clearer in the aspect of code writing. Thank You Sam
I'm amazed how fast you spin up these little express applications to illustrate your point
I love the little co-pilot interactions lol
Thought I already had a good understanding of this theme, however this review uncovers aspects I wasn't aware of. Thanks Sam.
Simple straight to the point explaining, my fave kind of explaining. Thank you
Just the right amount of information in the right amount of time. Thank you sam
Very good video. Simple, to the point without a bunch of clutter, very easy to understand. Thank you.
Thanks, m'dude! I can get lost in long guides, but this video makes things really clear, and hashing feels pretty easy now! I also love the clear practical demos!
Awesome simplified version of what I really needed to know. Keep up the great work!
Actually had to code my own auth system for a very light app, and I wanted a quick way to store passwords safely, ur video really helped me.
You're a wonderful teacher. Appreciate the video.
Your're an excellent teacher.
Really good introduction to bcrypt.
just want to say thank you🤩nice video
watching from Pakistan this video was really helpful. And got to learn many things
Thank you, that was such a great short introduction, albeit knowledgeful.
Thank you so much! Super helpful beginner friendly guide.
Much appreciated! Your video helped me alot. Great teaching method 👍
Nice video , easy understand ! Thank you !
this video made me understand res and req holy cow
Great Video, great teaching style
This was awesome! Thank you!
You're so welcome!
I'm not using JS but this was an excellent tutorial. I'm most curious about the postman add on for vs code.
Thanks for the helpful video !! helped a lot !!
Excellent video.
definetly liked this video 👏
Very clear and smart
awesome video. thanks dude!
Great video, thanks!!!
Great video, thanks! ;)
thanks everything was so celar to understand
u explained it very well, do you have courses ?
is it safe to send the password in the request as plain text? couldn't an unsecured wifi network easily intercept the call and steal the password?
not if you're running a https network
All doughs cleared()
Awesome video
I cant use await on my bcrypt.compare function, itd already inside an async function, can i get some help
I am currently building a student project, responsible for member management,register and login logout. I made fake users table, at first only plain text and then I were suggested to use bcrypt. I generate bcrypts and store them back into the database, but I have to inpkut the bcrypt to login, I cannot use plain text to login. That’s very weired!
Outrageous - VLDL Benjamin
@ 1:26 you are awaiting in a top level script / module without using an async IIFE... I thought that is not possible ?
It’s fine if you’re using es modules
Thanks ! Yes, I noticed this didn't work when using require() @@SamMeechWard
I am your biggest fan Christ Martin from Coldplay! omg
thank you !!
What software / app is that? Visual studio code?
I'm curious, without knowing exactly how the hashing algo does its thing, couldn't I just make up my own algo where a = 5236, b = 5267, c = 4523, so on and so forth, assigning each allowable character a value, then taking those values and do several other things with the result to make the process consistently repeatable so I can compare the result of my "hashing algo" with the original password, instead of using a publicly available tool like bcrypt? What would be the downside to this?
You're confusing hashing with encrypting
@@matissjansons8789 I never thought of it that way.
Should you not hash the password before you post it?
To use an await function with no async function es bien !!
which one is better between bcrypt and argon2 ?
Is this bcrypt still secure these days and standard in storing passwords?
I saw you showed some docs saying use bcrypt as second only against argon2id something
Cool man
Btw is it bad to encrypt username as well? is it bad practice/even more complex?
usernames aren't generally sensitive information, we display them publicly, so encryption isn't necessary and just takes more time. If you encrypt a username, you always need to decrypt it to use it. If you store it in a database, it makes looking up some data by a username way more difficult.
Also, keep in mind, that bcrypt is hashing, not encrypting. If you hash a username, you'll never be able to get that username back, so never do that.
@@SamMeechWard thank you and that makes sense. And also thank you for uploading content regarding AWS S3 and other services, you don’t understand how helpful they are. Is there any other way of contacting you?
@@asaphhere Thank you. You can join my discord server if you like discord.gg/XQJ5bmjKHk
Argon2 is the new recommended hashing algorithm. It's more secure than bcrypt.
which tool using in vs code to pull request ?
how can you push on const user?. dont u have to use let user
good job. Please how can i do this in php mysql
It should b > npm i bcryptjs
Good
not working for me
what the hell is going on ?? how can you use await without async???/
I only like hash if it’s got potato in it. 🥔
Just don’t forget to add salt ;)
He's handsome i can't focus sos 🥲