Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Wrapper to hash and check password with crypto's built-in pbkdf2, abstracting the API change between node v0.8 and v0.10
JavaScript Shell
branch: master


IMPORTANT: this library is not maintained anymore, please don't submit anymore pull requests except for bugfixes

Wrapper to hash and check password with Node's crypto module's built-in pbkdf2.

It abstracts the API change between Node v0.8 and v0.10, you can begin using this module with any version and it will also work on the others.

It is future-proof, meaning that you can change the parameters to arbitrarily increase the strength of new password encryption and it will still be able to check against passwords encrypted with the old method.

// Install it
npm install node-pbkdf2

// Run tests (dev dependencies need to be installed)
make test

// You can also test it works across the API change between Node v0.8 and v0.10
// You need to have nvm, node v0.8 and node v0.10 for this test
make testVersionSwitch

// Create a new password hasher with standard strength parameters
var NodePbkdf2 = require('node-pbkdf2')
  , hasher = new NodePbkdf2({ iterations: 10000, saltLength: 12, derivedKeyLength: 30 });

// Hash a password
hasher('supersecret', function (err, encryptedPassword) {
  // encryptedPassword is a string

// Check a given password against an encrypted one
hasher('supersecret', encryptedPassword, function (err, passwordIsCorrect) {
  // You can guess what information passwordIsCorrect holds easily :)


MIT, do whatever you want with the code, just leave this message here
(c) 2013 Louis Chatriot (

Something went wrong with that request. Please try again.