node-activedirectory icon indicating copy to clipboard operation
node-activedirectory copied to clipboard

Published 20 hours ago verified publisher icon gheeres

Password Hashing & Security

Open jeetendra-choudhary opened this issue 7 years ago • 5 comments

Is it required to send plain string password while authenticating with AD? I mean if ad stores the user password it must be encrypting it in someway or other, can we send a encrypted password for authentications? Here is what I mean -

ad.authenticate(username, password, function(err, auth) { // instead of plain password can it be encrypted password
  if (err) {
    console.log('ERROR: '+JSON.stringify(err));
    return;
  }
  
  if (auth) {
    console.log('Authenticated!');
  }
  else {
    console.log('Authentication failed!');
  }
})

I have also posted this in StackOverflow

jeetendra-choudhary avatar May 10 '17 06:05 jeetendra-choudhary