password

A set of high-level APIs over PointyCastle and CryptoUtils to hash and verify passwords securely.<br> Heavily inspired on PHP's Password Hashing Functions.

API

`Password.hash`

Password.hash('password', new PBKDF2());
// $pcks$64,10000,64$530f8afbc74536b9a963b4f1c4cb738bcea7403d4d606b6e074ec5d3baf39d18$56158864e365bd78f6afda27f9a239bcb3f2b7a4773d4c0d0858c86266119d1e35aae9ca1a4777ed3d85c42caeed0c57cc7e09fe7d152d5d4d4ee08506c2b41a

`Password.verify`

Password.verify('password', previousOutput);
// true

Password.verify('secret', previousOutput);
// false

Defaults

In almost cases, you should rely on default PRNG for salts. It is cryptographically secure and unique for each password.

On the other hand, you are encouraged to change interations count for what your hardware can handle.

PBKDF2


Digest	SHA-512
Block size	64 bytes
Salt	32 bytes Fortuna
Iteration count	10000
Key length	64 bytes

Waiting for Argon2.

Use this package as a library

1. Depend on it

Add this to your package's pubspec.yaml file:


dependencies:
  password: "^0.1.1+1"

2. Install it

You can install packages from the command line:

with pub:


$ pub get

with Flutter:


$ flutter packages get

Alternatively, your editor might support pub get or flutter packages get. Check the docs for your editor to learn more.

3. Import it

Now in your Dart code, you can use:


      import 'package:password/password.dart';

Version	Uploaded	Documentation	Archive
0.1.1+1	Jun 2, 2018
0.1.1	Jun 2, 2018
0.1.0	Jun 2, 2018

Analysis

We analyzed this package on Jun 12, 2018, and provided a score, details, and suggestions below. Analysis was completed with status completed using:

Dart: 2.0.0-dev.60.0
pana: 0.11.3

Scores

Popularity: Describes how popular the package is relative to other packages. [more]	0	/ 100
Health: Code health derived from static analysis. [more]	100	/ 100
Maintenance: Reflects how tidy and up-to-date the package is. [more]	80	/ 100
Overall score: Weighted score of the above. [more]	46

Learn more about scoring.

Platforms

Detected platforms: Flutter, web, other

No platform restriction found in primary library package:password/password.dart.

Suggestions

Maintain CHANGELOG.md.

Changelog entries help clients to follow the progress in your code.
Package is pre-v1 release.

While there is nothing inherently wrong with versions of 0.*.*, it usually means that the author is still experimenting with the general direction API.
Maintain an example.

Create a short demo in the example/ directory to show how to use this package. Common file name patterns include: main.dart, example.dart or you could also use password.dart.

Dependencies

Package	Constraint	Resolved	Available
Direct dependencies
Dart SDK	>=2.0.0-dev <2.0.0
cryptoutils	^0.3.0	0.3.0
pointycastle	^1.0.0-rc1	1.0.0-rc1
Transitive dependencies
analyzer		0.31.1	0.32.1
args		1.4.3
async		2.0.7
barback		0.15.2+16
bignum		0.1.0
build		0.12.6
build_barback		0.5.0+4
build_config		0.2.6+2	0.3.0
build_resolvers		0.2.0+2
build_runner		0.8.9	0.8.10
built_collection		3.1.1
built_value		5.5.1
charcode		1.1.1
cli_util		0.1.3
code_builder		3.1.0
code_transformers		0.5.1+5
collection		1.14.10
convert		2.0.1
crypto		2.0.3
csslib		0.14.4
dart_style		1.0.9+1	1.0.14
fixnum		0.10.7
front_end		0.1.0-alpha.9	0.1.1
glob		1.1.5
graphs		0.1.2
html		0.13.3+1
http		0.11.3+16
http_multi_server		2.0.5
http_parser		3.1.2
io		0.3.2+1
isolate		1.1.0	2.0.1
kernel		0.3.0-alpha.9	0.3.1
logging		0.11.3+1
matcher		0.12.2+1
meta		1.1.5
mime		0.9.6+1
package_config		1.0.3
package_resolver		1.0.3
path		1.6.0
plugin		0.2.0+2
pool		1.3.5
quiver		0.29.0+1
reflectable		2.0.1
shelf		0.7.3+1
source_maps		0.10.5
source_span		1.4.0
stack_trace		1.9.2
stream_channel		1.6.7
stream_transform		0.0.13
string_scanner		1.0.2
typed_data		1.1.5
utf		0.9.0+4
watcher		0.9.7+8
yaml		2.1.14
Dev dependencies
test	^0.12.38

Dart pub

password 0.1.1+1