node-activedirectory
node-activedirectory copied to clipboard
Password Hashing & Security
Is it required to send plain string password while authenticating with AD? I mean if ad stores the user password it must be encrypting it in someway or other, can we send a encrypted password for authentications? Here is what I mean -
ad.authenticate(username, password, function(err, auth) { // instead of plain password can it be encrypted password
if (err) {
console.log('ERROR: '+JSON.stringify(err));
return;
}
if (auth) {
console.log('Authenticated!');
}
else {
console.log('Authentication failed!');
}
})
I have also posted this in StackOverflow