playbooks

home / skills / jeremylongshore / claude-code-plugins-plus-skills / password-hash-generator

password-hash-generator skill

/skills/03-security-fundamentals/password-hash-generator

This skill guides you through password hash generator setup, generates production-ready code, and validates outputs following security best practices.

npx playbooks add skill jeremylongshore/claude-code-plugins-plus-skills --skill password-hash-generator

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
2.2 KB
---
name: "password-hash-generator"
description: |
  Generate password hash generator operations. Auto-activating skill for Security Fundamentals.
  Triggers on: password hash generator, password hash generator
  Part of the Security Fundamentals skill category. Use when working with password hash generator functionality. Trigger with phrases like "password hash generator", "password generator", "password".
allowed-tools: "Read, Write, Grep, Bash(npm:*)"
version: 1.0.0
license: MIT
author: "Jeremy Longshore <[email protected]>"
---

# Password Hash Generator

## Overview

This skill provides automated assistance for password hash generator tasks within the Security Fundamentals domain.

## When to Use

This skill activates automatically when you:
- Mention "password hash generator" in your request
- Ask about password hash generator patterns or best practices
- Need help with essential security skills covering authentication, input validation, secure coding practices, and basic vulnerability detection.

## Instructions

1. Provides step-by-step guidance for password hash generator
2. Follows industry best practices and patterns
3. Generates production-ready code and configurations
4. Validates outputs against common standards

## Examples

**Example: Basic Usage**
Request: "Help me with password hash generator"
Result: Provides step-by-step guidance and generates appropriate configurations


## Prerequisites

- Relevant development environment configured
- Access to necessary tools and services
- Basic understanding of security fundamentals concepts


## Output

- Generated configurations and code
- Best practice recommendations
- Validation results


## Error Handling

| Error | Cause | Solution |
|-------|-------|----------|
| Configuration invalid | Missing required fields | Check documentation for required parameters |
| Tool not found | Dependency not installed | Install required tools per prerequisites |
| Permission denied | Insufficient access | Verify credentials and permissions |


## Resources

- Official documentation for related tools
- Best practices guides
- Community examples and tutorials

## Related Skills

Part of the **Security Fundamentals** skill category.
Tags: security, authentication, validation, owasp, secure-coding

Overview

This skill automates password hash generator operations within the Security Fundamentals domain. It helps generate secure password hashes, produce recommended configurations, and validate outputs against common standards. The skill is designed to produce production-ready code snippets and actionable guidance for authentication and storage scenarios.

How this skill works

When triggered, the skill inspects requested hashing requirements (algorithm, salt, iterations, output format) and generates code and configuration tailored to the environment. It follows industry best practices—unique salts, strong KDFs (Argon2, bcrypt, PBKDF2), and appropriate iteration/work-factor settings—and includes validation checks to detect weak parameters. The output includes example code, command-line snippets, and notes on deployment and migration.

When to use it

  • You need to generate secure password hashes for a new application or service
  • Preparing migration plans from weak hashes (MD5/SHA1) to modern KDFs
  • Validating or reviewing existing storage, salt, or iteration settings
  • Creating reusable code or configuration for authentication components
  • Training or documenting secure password handling for developers

Best practices

  • Use a modern key derivation function: Argon2id preferred, bcrypt or PBKDF2 if Argon2 is unavailable
  • Generate a unique, cryptographically secure salt per password and store it with the hash
  • Select cost parameters that balance security and performance; test under production load
  • Never store plaintext passwords or reversible encryption; always store only salted, derived hashes
  • Include clear migration paths and version markers in stored records to support algorithm upgrades

Example use cases

  • Generate Python example code using Argon2id with recommended parameters and salt handling
  • Produce bcrypt configuration and example calls for a Node.js authentication service
  • Create a migration plan to move from SHA1-based storage to PBKDF2/Argon2 with verification steps
  • Validate an existing user database to report weak hashes, missing salts, or low iteration counts
  • Provide a testing checklist to verify hashing performance and correct verification logic

FAQ

Which hash algorithm should I choose?

Prefer Argon2id for new systems; bcrypt or PBKDF2 are acceptable where Argon2 is unavailable. Avoid general-purpose hashes like MD5 or SHA1 for passwords.

How should I handle migrations from old hashing schemes?

Implement on-login rehashing: verify with the old method, then rehash with the new KDF and store the updated record. Add version metadata to each hash.

What salt length and format are recommended?

Use a cryptographically secure random salt of at least 16 bytes, stored alongside the hash in binary or base64 form.