diff --git a/products/02-iac-drift-detection/saas/src/auth/middleware.ts b/products/02-iac-drift-detection/saas/src/auth/middleware.ts
index 8ad7912..f9ea7cc 100644
--- a/products/02-iac-drift-detection/saas/src/auth/middleware.ts
+++ b/products/02-iac-drift-detection/saas/src/auth/middleware.ts
@@ -96,7 +96,7 @@ export function signToken(payload: AuthPayload, secret: string, expiresIn = '24h
 async function hashPassword(password: string): Promise<string> {
   const salt = crypto.randomBytes(16).toString('hex');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(`${salt}:${derived.toString('hex')}`);
     });
@@ -106,7 +106,7 @@ async function hashPassword(password: string): Promise<string> {
 async function verifyPassword(password: string, hash: string): Promise<boolean> {
   const [salt, key] = hash.split(':');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derived));
     });
diff --git a/products/03-alert-intelligence/src/auth/middleware.ts b/products/03-alert-intelligence/src/auth/middleware.ts
index 0305fa9..b2a8ca4 100644
--- a/products/03-alert-intelligence/src/auth/middleware.ts
+++ b/products/03-alert-intelligence/src/auth/middleware.ts
@@ -96,7 +96,7 @@ export function signToken(payload: AuthPayload, secret: string, expiresIn = '24h
 async function hashPassword(password: string): Promise<string> {
   const salt = crypto.randomBytes(16).toString('hex');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(`${salt}:${derived.toString('hex')}`);
     });
@@ -106,7 +106,7 @@ async function hashPassword(password: string): Promise<string> {
 async function verifyPassword(password: string, hash: string): Promise<boolean> {
   const [salt, key] = hash.split(':');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derived));
     });
diff --git a/products/04-lightweight-idp/src/auth/middleware.ts b/products/04-lightweight-idp/src/auth/middleware.ts
index 1049196..7958603 100644
--- a/products/04-lightweight-idp/src/auth/middleware.ts
+++ b/products/04-lightweight-idp/src/auth/middleware.ts
@@ -96,7 +96,7 @@ export function signToken(payload: AuthPayload, secret: string, expiresIn = '24h
 async function hashPassword(password: string): Promise<string> {
   const salt = crypto.randomBytes(16).toString('hex');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(`${salt}:${derived.toString('hex')}`);
     });
@@ -106,7 +106,7 @@ async function hashPassword(password: string): Promise<string> {
 async function verifyPassword(password: string, hash: string): Promise<boolean> {
   const [salt, key] = hash.split(':');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derived));
     });
diff --git a/products/05-aws-cost-anomaly/src/auth/middleware.ts b/products/05-aws-cost-anomaly/src/auth/middleware.ts
index 8ad7912..f9ea7cc 100644
--- a/products/05-aws-cost-anomaly/src/auth/middleware.ts
+++ b/products/05-aws-cost-anomaly/src/auth/middleware.ts
@@ -96,7 +96,7 @@ export function signToken(payload: AuthPayload, secret: string, expiresIn = '24h
 async function hashPassword(password: string): Promise<string> {
   const salt = crypto.randomBytes(16).toString('hex');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(`${salt}:${derived.toString('hex')}`);
     });
@@ -106,7 +106,7 @@ async function hashPassword(password: string): Promise<string> {
 async function verifyPassword(password: string, hash: string): Promise<boolean> {
   const [salt, key] = hash.split(':');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derived));
     });
diff --git a/products/06-runbook-automation/saas/src/auth/middleware.ts b/products/06-runbook-automation/saas/src/auth/middleware.ts
index 8ad7912..f9ea7cc 100644
--- a/products/06-runbook-automation/saas/src/auth/middleware.ts
+++ b/products/06-runbook-automation/saas/src/auth/middleware.ts
@@ -96,7 +96,7 @@ export function signToken(payload: AuthPayload, secret: string, expiresIn = '24h
 async function hashPassword(password: string): Promise<string> {
   const salt = crypto.randomBytes(16).toString('hex');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(`${salt}:${derived.toString('hex')}`);
     });
@@ -106,7 +106,7 @@ async function hashPassword(password: string): Promise<string> {
 async function verifyPassword(password: string, hash: string): Promise<boolean> {
   const [salt, key] = hash.split(':');
   return new Promise((resolve, reject) => {
-    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1 }, (err, derived) => {
+    crypto.scrypt(password, salt, 64, { N: 65536, r: 8, p: 1, maxmem: 128 * 1024 * 1024 }, (err, derived) => {
       if (err) reject(err);
       resolve(crypto.timingSafeEqual(Buffer.from(key, 'hex'), derived));
     });