freeCodeCamp/curriculum/challenges/english/09-information-security/information-security-with-h.../hash-and-compare-passwords-...

---
id: 58a25bcff9fc0f352b528e7e
title: Hash and Compare Passwords Synchronously
challengeType: 2
forumTopicId: 301579
dashedName: hash-and-compare-passwords-synchronously
---

# --description--

As a reminder, this project is being built upon the following starter project on [Replit](https://replit.com/github/freeCodeCamp/boilerplate-bcrypt), or cloned from [GitHub](https://github.com/freeCodeCamp/boilerplate-bcrypt/).

Hashing synchronously is just as easy to do but can cause lag if using it server side with a high cost or with hashing done very often. Hashing with this method is as easy as calling

```js
var hash = bcrypt.hashSync(myPlaintextPassword, saltRounds);
```

Add this method of hashing to your code and then log the result to the console. Again, the variables used are already defined in the server so you won't need to adjust them. You may notice even though you are hashing the same password as in the async function, the result in the console is different- this is due to the salt being randomly generated each time as seen by the first 22 characters in the third string of the hash. Now to compare a password input with the new sync hash, you would use the compareSync method:

```js
var result = bcrypt.compareSync(myPlaintextPassword, hash);
```

with the result being a boolean true or false.

# --instructions--

Add the function in and log the result to the console to see it working.

Submit your page when you think you've got it right.

# --hints--

Sync hash should be generated and correctly compared.

```js
(getUserInput) =>
  $.get(getUserInput('url') + '/_api/server.js').then(
    (data) => {
      assert.match(
        data,
        /START_SYNC[^]*hash.*=.*bcrypt.hashSync.*myPlaintextPassword( |),( |)saltRounds[^]*END_SYNC/gi,
        'You should call bcrypt.hashSync on myPlaintextPassword with saltRounds'
      );
      assert.match(
        data,
        /START_SYNC[^]*result.*=.*bcrypt.compareSync.*myPlaintextPassword( |),( |)hash[^]*END_SYNC/gi,
        'You should call bcrypt.compareSync on myPlaintextPassword with the hash generated in the last line'
      );
    },
    (xhr) => {
      throw new Error(xhr.statusText);
    }
  );
```

# --solutions--

```js
/**
  Backend challenges don't need solutions, 
  because they would need to be tested against a full working project. 
  Please check our contributing guidelines to learn more.
*/
```
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00			`---`
			`id: 58a25bcff9fc0f352b528e7e`
			`title: Hash and Compare Passwords Synchronously`
			`challengeType: 2`
fix(curriculum): Added forumTopicId to remaining 1200 challeng… (#36558) 2019-08-05 16:17:33 +00:00			`forumTopicId: 301579`
feat(curriculum): restore seed + solution to Chinese (#40683) * feat(tools): add seed/solution restore script * chore(curriculum): remove empty sections' markers * chore(curriculum): add seed + solution to Chinese * chore: remove old formatter * fix: update getChallenges parse translated challenges separately, without reference to the source * chore(curriculum): add dashedName to English * chore(curriculum): add dashedName to Chinese * refactor: remove unused challenge property 'name' * fix: relax dashedName requirement * fix: stray tag Remove stray `pre` tag from challenge file. Signed-off-by: nhcarrigan <nhcarrigan@gmail.com> Co-authored-by: nhcarrigan <nhcarrigan@gmail.com> 2021-01-13 02:31:00 +00:00			`dashedName: hash-and-compare-passwords-synchronously`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00			`---`

Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			`# --description--`

chore(replit): use correct brand name across codebase (#41941) * replace repl.it with replit.com in the English version Replace repl.it to replit.com in the English version. Chinese and Spanish versions have the same issue. * Updated the repl.it to replit.com or Replit I changed the text from replit.com to Replit and added the changes to the files outside the curriculum folder. * Forgot removing one .com. There was on Replit.com that I missed when I reviewed the files. * Resolve conflicts I got an unable to auto merge so resolving conflicts and trying again. * try committing conflicts again * Trying the conflicts again * chore: fix typo in personal library Co-authored-by: Shaun Hamilton <51722130+ShaunSHamilton@users.noreply.github.com> Co-authored-by: gemmaf98 <44875585+gemmaf98@users.noreply.github.com> Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com> Co-authored-by: Shaun Hamilton <51722130+ShaunSHamilton@users.noreply.github.com> 2021-04-29 10:13:38 +00:00			`As a reminder, this project is being built upon the following starter project on [Replit](https://replit.com/github/freeCodeCamp/boilerplate-bcrypt), or cloned from [GitHub](https://github.com/freeCodeCamp/boilerplate-bcrypt/).`
Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00
			`Hashing synchronously is just as easy to do but can cause lag if using it server side with a high cost or with hashing done very often. Hashing with this method is as easy as calling`
fix(curriculum): Convert blockquote elements to triple backtick syntax for Information Security And Quality Assurance (#35997) * fix: converted blockquotes * fix: added extra line before triple backtick syntax Co-Authored-By: Oliver Eyton-Williams <ojeytonwilliams@gmail.com> * fix: corrected misc issues * fix: properly closed em element Co-Authored-By: Oliver Eyton-Williams <ojeytonwilliams@gmail.com> 2019-05-14 11:58:09 +00:00
			```js
			`var hash = bcrypt.hashSync(myPlaintextPassword, saltRounds);`
			```

Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			Add this method of hashing to your code and then log the result to the console. Again, the variables used are already defined in the server so you won't need to adjust them. You may notice even though you are hashing the same password as in the async function, the result in the console is different- this is due to the salt being randomly generated each time as seen by the first 22 characters in the third string of the hash. Now to compare a password input with the new sync hash, you would use the compareSync method:
fix(curriculum): Convert blockquote elements to triple backtick syntax for Information Security And Quality Assurance (#35997) * fix: converted blockquotes * fix: added extra line before triple backtick syntax Co-Authored-By: Oliver Eyton-Williams <ojeytonwilliams@gmail.com> * fix: corrected misc issues * fix: properly closed em element Co-Authored-By: Oliver Eyton-Williams <ojeytonwilliams@gmail.com> 2019-05-14 11:58:09 +00:00
			```js
			`var result = bcrypt.compareSync(myPlaintextPassword, hash);`
			```

			`with the result being a boolean true or false.`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00
Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			`# --instructions--`

fix(formatting): Information Security with HelmetJS challenges (#35419) * fix(formatting): Information Security with HelmetJS challenges fix(formatting): Information Security with HelmetJS challenges fix(formatting): Information Security with HelmetJS challenges fix(formatting): Hetmet JS challenges fix(formatting): Hetmet JS challenges * fix(curriculum): Remove hr * fix(formatting): Helmet JS * Change code to blockquote * fix: indented code in blockquotes 2019-03-03 17:07:37 +00:00			`Add the function in and log the result to the console to see it working.`
Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00
fix(formatting): Information Security with HelmetJS challenges (#35419) * fix(formatting): Information Security with HelmetJS challenges fix(formatting): Information Security with HelmetJS challenges fix(formatting): Information Security with HelmetJS challenges fix(formatting): Hetmet JS challenges fix(formatting): Hetmet JS challenges * fix(curriculum): Remove hr * fix(formatting): Helmet JS * Change code to blockquote * fix: indented code in blockquotes 2019-03-03 17:07:37 +00:00			`Submit your page when you think you've got it right.`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00
Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			`# --hints--`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00
Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			`Sync hash should be generated and correctly compared.`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00
Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			```js
			`(getUserInput) =>`
			`$.get(getUserInput('url') + '/_api/server.js').then(`
			`(data) => {`
			`assert.match(`
			`data,`
			`/START_SYNC[^]hash.=.bcrypt.hashSync.myPlaintextPassword( \|),( \|)saltRounds[^]*END_SYNC/gi,`
			`'You should call bcrypt.hashSync on myPlaintextPassword with saltRounds'`
			`);`
			`assert.match(`
			`data,`
			`/START_SYNC[^]result.=.bcrypt.compareSync.myPlaintextPassword( \|),( \|)hash[^]*END_SYNC/gi,`
			`'You should call bcrypt.compareSync on myPlaintextPassword with the hash generated in the last line'`
			`);`
			`},`
			`(xhr) => {`
			`throw new Error(xhr.statusText);`
			`}`
			`);`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00			```

Feat: add new Markdown parser (#39800) and change all the challenges to new `md` format. 2020-11-27 18:02:05 +00:00			`# --solutions--`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00
			```js
add comment explaining no need for solutions (#37227) 2019-10-14 15:30:42 +00:00			`/**`
			`Backend challenges don't need solutions,`
			`because they would need to be tested against a full working project.`
			`Please check our contributing guidelines to learn more.`
			`*/`
feat(challenge-md): Add initial markdown challenge files 2018-09-30 22:01:58 +00:00			```