Secure Passwords and Authentication

Questions and Answers

What is the purpose of using bcrypt in an application that also uses JWT for authentication?

To verify that a user is who they claim to be

To securely hash and store user passwords (correct)

To encrypt sensitive user data

To transmit user authentication information between client and server

What is the main difference between JWTs and bcrypt in an application's security?

JWTs are used to authenticate users and authorize their access to protected resources, while bcrypt is used to securely hash and store user passwords (correct)

JWTs and bcrypt both serve the same purpose in an application's security

JWTs are used to encrypt sensitive user data, while bcrypt is used to transmit user authentication information

JWTs are used to transmit user authentication information, while bcrypt is used to authorize access to protected resources

When a user logs in, what is the process of comparing the hashed version of the password stored in the database with the plaintext password that the user entered during login?

Using a hashing function

Using encryption

Using JWT

Using bcrypt (correct)