I'm new to meteorJS and am following a tutorial that suggests to use meteor's user login set up (the command is: meteor add accounts-ui accounts-password), this appears to be similar to passport or devise (for ruby). But I am getting the warning:
W20170514-13:03:03.163(-4)? (STDERR) Note: you are using a pure-JavaScript implementation of bcrypt.
W20170514-13:03:04.713(-4)? (STDERR) While this implementation will work correctly, it is known to be
W20170514-13:03:04.714(-4)? (STDERR) approximately three times slower than the native implementation.
W20170514-13:03:04.714(-4)? (STDERR) In order to use the native implementation instead, run
W20170514-13:03:04.715(-4)? (STDERR)
W20170514-13:03:04.716(-4)? (STDERR) meteor npm install --save bcrypt
W20170514-13:03:04.716(-4)? (STDERR)
W20170514-13:03:04.717(-4)? (STDERR) in the root directory of your application.
Given that the pure javascript bcrypt is slower than meteor bcrypt does that effect security at all? Is it more secure to use pure js bcrypt? How can I test this?
via Mkr Js
No comments:
Post a Comment