Explore how to encrypt user data and best practices around session management.
- [Instructor] Another strong recommendation…for properly securing your Node.js application…is to encrypt your user data…across all communication channels.…So when your server and client are exchanging data,…use Node.js packages like Crypto.…Crypto allows you to encrypt your sensitive data…with several methods to create hash data…with secret words and hash algorithms.…By having the proper secret and algorithm…on the application and the server,…you can encrypt and decrypt sensitive data,…so if anyone intercepts your data,…you minimize the possibility they can decipher your data.…
So go to nodejs.org\api…\crypto.html-crypto_crypto,…and once you get to this page you'll see…what kind of set up you need to actually use Crypto.…So for example, you import Crypto here…and then you set up your secret.…So you'll create your hash word here…by using Crypto with the algorithm,…and then this is the word that you want,…and then you digest it.…And if you console log this hash,…it will print something like this.…
So if you want to decipher this on the other hand,…
- OWASP resources and security threats
- Cross-site scripting and denial of service attacks
- Managing packages in a Node.js app
- Adding two-factor and read-only tokens with npm
- Using prepared statements for SQL/NoSQL
- Encrypting user data and session management
- Adding HTTPS protocol to an application
- Using cookie attributes
- Tools for testing
Skill Level Intermediate
Node.js: Deploying Applicationswith Kirsten Hunter1h 24m Intermediate
Node.js: Debugging and Performance Tuningwith Jon Peck2h 44m Intermediate
1. Security Overview
OWASP top 10 in Node.js2m 22s
2. Best Practices: Packages
3. Best Practices: Data
4. Best Practices: Server Level
5. Tools for Testing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.