- Username and Password only
document find on DB collection - Encrypted password
Usedmongoose-encryption- A Simple Encryption and Authentication for mongoose documents which takes a custom string to encrypt a password. Even if someone gains access to the database, they will not be able to view the encrypted fields without the decryption key. - Hashing with md5
Usedmd5- MD5 (Message Digest Method 5) is a cryptographic hash algorithm used to generate a 128-bit digest from a string of any length. - Hashing and Salting with bcrypt
UsedbcryptBcrypt is a password-based key derivation function that uses a slow hash function and a unique salt value to store passwords securely. It hashes a password and salt combination multiple times to make it computationally infeasible for an attacker to guess the original password. - Cookies and Sessions
Usedpassport,passport-local-mongooseandexpress sessionto validate user sessions - Google OAuth 2.0 Authentication
Usedpassport-google-oauth20
