Bird
0
0

Why is it not recommended to use fast hashing algorithms like SHA-256 directly for password storage in Flask?

hard📝 Conceptual Q10 of 15
Flask - Security Best Practices
Why is it not recommended to use fast hashing algorithms like SHA-256 directly for password storage in Flask?
AThey are too slow and cause performance issues
BThey automatically encrypt passwords making verification hard
CThey produce hashes that are too long to store
DThey lack built-in salting and are vulnerable to brute-force attacks
Step-by-Step Solution
Solution:

  1. Step 1: Understand properties of fast hashes

    SHA-256 is fast and does not include salting by default.

  2. Step 2: Recognize security risks

    Fast hashes allow attackers to try many guesses quickly; lack of salt means identical passwords have identical hashes.

  3. Final Answer:

    They lack built-in salting and are vulnerable to brute-force attacks -> Option D

  4. Quick Check:

    Fast hashes lack salt and resist poorly [OK]
Quick Trick: Avoid fast hashes without salt for passwords [OK]
Common Mistakes:
MISTAKES
  • Thinking fast hashes improve security
  • Confusing hashing with encryption
  • Believing hash length affects security

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Flask Quizzes
Background Tasks - Why background processing matters - Quiz 6medium Deployment - Database migration in deployment - Quiz 3easy Security Best Practices - Session security - Quiz 4medium Security Best Practices - Input sanitization - Quiz 9hard Testing Flask Applications - Test fixtures with pytest - Quiz 5medium Testing Flask Applications - Testing routes and responses - Quiz 2easy Testing Flask Applications - Test fixtures with pytest - Quiz 14medium Testing Flask Applications - Testing with database - Quiz 10hard WebSocket and Real-Time - Namespace concept - Quiz 10hard WebSocket and Real-Time - Polling as fallback - Quiz 12easy