Last Updated: February 25, 2016
· gcds

Secure Rails Passwords in Models

Almost always you need to protect user passwords. Using MD5 or SHA1 is so old school try something new: Bcrypt.

Uncomment following line in Gemfile:

gem 'bcrypt-ruby', '~> 3.0.0'

Then run:

bundle install

Create a new model with field password_digest. When add this line to model:


And that's it you now have safe password storage. To Authenticate password try this:

User.find_by_username('Tom').try(:authenticate, 'cool') => true

Thanks for reading!