This is not really a “solution” as these sort of things should be stored server side. But you can use a tool like obfuscator.io (make sure to encrypt strings) and obfuscate it to the point where it would be very difficult (not impossible) to hack
2 Likes
@AMDryzen5600X you can find the sha-256 hash of whatever the password is and then save that as var password in your code. Then on guess, hash whatever the input is in prompt(‘Enter Password’,‘’) and see if it is equal to var password. You’d never save the actual password in your code.
2 Likes
Dont use obfuscator.io (or any obfuscator)! It can be bypassed easily using de4js, and it’s never a good practice to obfuscate code. Best way to do it is to create a Repl with a server (Python, JavaScript, etc) and store the password server side in an environment variable, and you can use a form or something to send the client into the server and validate it there.
3 Likes
Don’t you want to hash on the server so you can add salt?
1 Like
^^ Totally, obfuscator.io really does nothing. It is more an annoyance. Totally not secure and definitely should not be used.
1 Like
@InvisibleOne you can rehash and salt server side using some unique identifier of the user, but by hashing client side, even in the case of a hack, the user’s actual password is never sent over
4 Likes