Ruby

For Ruby, we use the bcrypt gem which allows us to hash and validate passwords.

Installation

$ gem install bcrypt

Or, using bundler, add following to your Gemfile:

gem 'bcrypt', '~> 3.1.7'

Then install:

$ bundle install

Usage

The bcrypt gem is super simple, with a single method for generating hashes.

Hashing a Password

require ‘bcrypt’

hashed_password = BCrypt::Password.create(password, :cost => 11)

You can pass in an options hash including an option to set the cost.

Verifying a Password

For validation, you can use the comparison operator:

if hashed_password == password then
     # Password matches
else
     # Password does not match
end

Davey Shafik

Davey Shafik @dshafik