node-red-admin icon indicating copy to clipboard operation
node-red-admin copied to clipboard

Published 20 hours ago verified publisher icon node-red

[secuity]The iteration count for the salt is too low

Open cryptochecktool opened this issue 1 year ago • 0 comments

At the location https://github.com/node-red/node-red-admin/blob/master/lib/commands/hash.js#L27, the encryption of the salt with bcrypt.hashSync(password, 8) should have a loop count of at least 10 to ensure sufficient security.

cryptochecktool avatar Nov 16 '24 08:11 cryptochecktool