Created January 9, 2017 11:41
1) What is a hash function?
A hash function is a function that takes a password string and "hashes" it, or encodes it, using an algorithm meant to hide the original password.
2) What is a one-way hash?
One-way hashes are hashed strings that are almost impossible to reverse.
3) What is the problem with storing passwords as plain text?
Plain text passwords can be compromised by hackers. Typically, if a hacker can get their hands on one user's password, they will be able to access multiple accounts because users tend to reuse passwords.
4) How does HTTP Basic Authorization work?
The application will check the request header for a valid username and password combination. If valid, the user's request is routed and a successful response is sent back.
5) How would you use Passport to protect an API endpoint?
Passport will take a look at the user credentials in the request header and run them through a database of valid users. If the users match, the program will then check to make sure that a valid password is supplied.
This authentication method will run every time a user tries to request an API endpoint.
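The check described in answers 3 and 4, as an added example that is not part of the original gist: it parses an `Authorization: Basic` header and verifies the password against a salted scrypt hash instead of a stored plain-text password. It uses only Node's built-in `crypto` module rather than Passport, and the user store, sample password and function names are assumptions made for illustration.

```javascript
// Added example: HTTP Basic credential check against salted scrypt hashes.
const { scryptSync, randomBytes, timingSafeEqual } = require("node:crypto");

// Store a per-user random salt and the derived hash, never the plain-text password.
function hashPassword(password, salt = randomBytes(16)) {
  return { salt, hash: scryptSync(password, salt, 32) };
}

// Constructed sample user store (hypothetical user name and password).
const users = new Map([["alice", hashPassword("correct horse battery staple")]]);

// Parse "Basic base64(username:password)"; return null if the header is malformed.
function parseBasicHeader(header) {
  if (typeof header !== "string") return null;
  const match = /^Basic +([A-Za-z0-9+/]+=*)$/i.exec(header.trim());
  if (!match) return null;
  const decoded = Buffer.from(match[1], "base64").toString("utf8");
  const sep = decoded.indexOf(":"); // split on the first ':'; the password may contain more
  if (sep < 0) return null;
  return { username: decoded.slice(0, sep), password: decoded.slice(sep + 1) };
}

// Return the status an endpoint guard would send: 200 to route the request, 401 to reject it.
function checkRequest(headers) {
  const creds = parseBasicHeader(headers.authorization);
  if (!creds) return 401;
  const record = users.get(creds.username);
  // Derive a hash even for unknown users so both paths do similar work.
  const salt = record ? record.salt : Buffer.alloc(16);
  const expected = record ? record.hash : Buffer.alloc(32);
  const candidate = scryptSync(creds.password, salt, 32);
  // Constant-time comparison of the two 32-byte hashes.
  const matches = timingSafeEqual(candidate, expected);
  return matches && record !== undefined ? 200 : 401;
}

// Build a constructed request header for testing the guard.
function basicHeader(username, password) {
  return "Basic " + Buffer.from(`${username}:${password}`).toString("base64");
}
```

The base64 in a Basic header is an encoding, not encryption, so this check only protects credentials in transit when the request travels over TLS.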