I used recently CryptoJS in a project that I’m working on that uses MongoDB to store user data, such as email and password, and as a primary layer of protection I use dotenv library to handle the .env file but I wanted add more protection to the system and found this library called CryptoJS to encrypt the sensitive information cited above.
The library has many hashing algorithms such as MD5, SHA-1, SHA-2 and SHA-3, RIPEMD-256, HMAC, PBKDF2, AES, DES, Triple DES, Rabbit, RC4 and RC4Drop and other features.
I chose AES (Advanced Encryption Standard) to encrypt the passwords. This method uses a secret password to encrypt the information and the same password to decrypt, with this and a help of a password generator that uses alphanumeric characters among special characters and non-similar characters and a length of 2048 I could create this secret password.
The way to use this library is pretty simple. In the file that will submit the information to the DB I imported the package and set two variables called encrypt and decrypt, inside these I called the cryptoJS AES function to encrypt the password and decrypt it among with the secret password saved on the .env file.
import cryptoJS from "cryptJS";var encrypted = CryptoJS.AES.encrypt(password, .env_saved_password);
var decrypted = CryptoJS.AES.decrypt(encrypted,.env_saved_password);
So this helped me secure the information, hope it helps someone else too!