You want to upgrade your Flask app's password storage from SHA-256 to bcrypt. What must you do to avoid breaking existing user logins?

Hard · Application · Q9 of 15
Flask - Security Best Practices
A. Re-hash all stored SHA-256 passwords with bcrypt immediately
B. Store both SHA-256 and bcrypt hashes and check both on login
C. Require all users to reset passwords to generate bcrypt hashes
D. Use bcrypt only for new users and keep SHA-256 for old users
Step-by-Step Solution
  1. Step 1: Understand migration challenges

    Old SHA-256 hashes can't be converted to bcrypt hashes directly: hashing is one-way, and computing a bcrypt hash of a password requires the original password, which the app does not store.
  2. Step 2: Implement dual-check strategy

    Store both hashes and verify against both to allow a smooth transition without forcing resets.

  Final Answer: Store both SHA-256 and bcrypt hashes and check both on login -> Option B

  Quick Check: Dual hash check enables smooth migration [OK]
Quick Trick: Check old and new hashes during migration to avoid login breaks [OK]
Common Mistakes:
  • Re-hashing hashes (impossible)
  • Forcing immediate password resets
  • Using only new hashes and breaking old accounts