node-scrypt icon indicating copy to clipboard operation
node-scrypt copied to clipboard

Published 20 hours ago verified publisher icon barrysteyn

Since this is deprecated, what is the recommended equivalent of scrypt.params?

Open fresheneesz opened this issue 5 years ago • 2 comments
trafficstars

scrypt.params is important because it allows you to choose an appropriate timeout for key stretching. Choosing a constant value for N would mean that your password storage would become easier and easier to crack over time. Since this is now recommending using node.js's crypto.script function instead, what is the recommended equivalent for scrypt.params to generate an N based on a maximum key stretching time?

fresheneesz avatar Dec 03 '19 02:12 fresheneesz

You can see the algorithm in the source code. It shouldn't be too hard to convert this to Javascript.

However, it looks like this has already been done over in scrypt-kdf. See the pickParameters function.

swansontec avatar Jan 07 '20 21:01 swansontec

https://github.com/barrysteyn/node-scrypt/pull/200

fresheneesz avatar Jan 08 '20 03:01 fresheneesz