0
0
Ruby on Railsframework~20 mins

has_secure_password in Ruby on Rails - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Challenge - 5 Problems
🎖️
Secure Password Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
component_behavior
intermediate
2:00remaining
What does has_secure_password add to a Rails model?
In a Rails model using has_secure_password, which of the following features is automatically added?
AIt adds OAuth login support for third-party providers like Google and Facebook.
BIt automatically encrypts all model attributes using AES encryption.
CIt adds methods to set and authenticate against a BCrypt password, including <code>password=</code> and <code>authenticate</code>.
DIt validates that the password is at least 12 characters long by default.
Attempts:
2 left
💡 Hint
Think about what has_secure_password does with the password field and authentication.
📝 Syntax
intermediate
2:00remaining
Which code snippet correctly enables has_secure_password in a Rails model?
Select the correct way to add has_secure_password to a Rails model named User.
A
class User &lt; ApplicationRecord
  has_secure_password
end
B
class User &lt; ApplicationRecord
  secure_password
end
C
class User &lt; ApplicationRecord
  has_password_secure
end
D
class User &lt; ApplicationRecord
  include HasSecurePassword
end
Attempts:
2 left
💡 Hint
The method name is exactly has_secure_password.
state_output
advanced
2:00remaining
What is the value of user.authenticate('wrong') if the password is incorrect?
Given a User model with has_secure_password and a user with password 'secret', what does user.authenticate('wrong') return?
Ruby on Rails
user = User.new(password: 'secret', password_confirmation: 'secret')
user.save
result = user.authenticate('wrong')
Anil
Bfalse
Ctrue
DRaises an exception
Attempts:
2 left
💡 Hint
Check the documentation for authenticate return values on failure.
🔧 Debug
advanced
2:00remaining
Why does has_secure_password raise an error when the password_digest column is missing?
You added has_secure_password to your model but get an error about password_digest missing. Why?
ABecause <code>has_secure_password</code> only works with <code>encrypted_password</code> column, not <code>password_digest</code>.
BBecause <code>has_secure_password</code> requires a <code>password</code> column, not <code>password_digest</code>.
CBecause the model must include <code>bcrypt</code> gem explicitly in the model file.
DBecause <code>has_secure_password</code> requires a <code>password_digest</code> column to store the encrypted password.
Attempts:
2 left
💡 Hint
Think about where the encrypted password is stored in the database.
🧠 Conceptual
expert
3:00remaining
How does has_secure_password improve security compared to storing plain passwords?
Why is using has_secure_password better for security than saving plain text passwords in the database?
AIt encrypts passwords with a reversible cipher so admins can recover user passwords if needed.
BIt hashes passwords with BCrypt, making it computationally expensive to reverse and protects against leaks.
CIt stores passwords in plain text but hides them from the Rails console.
DIt requires users to change passwords every day automatically.
Attempts:
2 left
💡 Hint
Think about what hashing means and why it is safer than plain text.