
Password hashing with bcrypt in Express - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is the main purpose of using bcrypt in password handling?
Bcrypt is used to securely hash passwords so that the original password cannot be easily recovered, protecting user data even if the database is compromised.
beginner
Which bcrypt function is used to create a hashed password from a plain text password?
The function bcrypt.hash() is used to generate a hashed password from a plain text password.
intermediate
What does the 'salt' do in bcrypt password hashing?
A salt is random data added to the password before hashing to ensure that even identical passwords have different hashes, making attacks like rainbow tables ineffective.
beginner
How do you verify a user's password using bcrypt in Express?
Use bcrypt.compare(plainPassword, hashedPassword) to check if the plain password matches the stored hashed password. It returns true if they match.
intermediate
Why should you avoid using a fixed salt or no salt when hashing passwords?
Without a unique salt for each password, attackers can use precomputed tables to reverse hashes or find users with the same password, reducing security.
Which bcrypt method is used to create a hashed password?
A. bcrypt.genSalt()
B. bcrypt.compare()
C. bcrypt.hash()
D. bcrypt.encrypt()
What is the role of a salt in bcrypt hashing?
A. To speed up hashing
B. To add randomness to the hash
C. To store the password
D. To decrypt the password
How do you check if a password matches a bcrypt hash?
A. bcrypt.hash()
B. bcrypt.check()
C. bcrypt.verify()
D. bcrypt.compare()
Why is bcrypt preferred over simple hashing functions for passwords?
A. It is designed to be slow and includes salt
B. It uses a fixed salt
C. It is faster
D. It stores passwords in plain text
What happens if you reuse the same salt for all passwords?
A. Attackers can find matching hashes more easily
B. Passwords become more secure
C. It has no effect
D. It speeds up login
Explain how bcrypt helps protect user passwords in an Express app.
Think about what happens when someone tries to steal your password database.
Describe the steps to hash and verify a password using bcrypt in Express.
Focus on what happens when a user signs up and then logs in.