24. Bcrypt Passwords (Points: 8)

As a user, my password should not be stored in plain text.

Storing passwords in plain text is a significant security risk, as it exposes sensitive information in case of a data breach. To enhance security, passwords should be hashed before being stored in the database.

For this challenge, use the bcrypt npm package to hash passwords before they are stored.

Additionally, update the login workflow to work with the now-hashed passwords.

You’ll need to make changes in the Authentication and Authorization services.

Acceptance Criteria:

  • Passwords should no longer be stored in plain text in the database when an account is created.

  • The solution must be compatible with existing user workflows (e.g., the login flow), ensuring a smooth transition without requiring password resets for current users.
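
One way to satisfy both acceptance criteria, shown as an added example rather than the challenge's reference solution: hash at account creation, convert existing plain-text rows in a one-off migration, and verify logins with bcrypt's compare. The `users` Map (standing in for the database), the `COST` value, the function names and the injectable `hasher` parameter (which defaults to the bcrypt npm package) are assumptions.

```javascript
// Added example; users (a Map standing in for the database), COST and the function names are hypothetical.
const COST = 12; // assumed bcrypt work factor
// Modular-crypt bcrypt string: $2a/$2b/$2y, two-digit cost, 22-char salt + 31-char digest.
const BCRYPT_RE = /^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$/;
const isBcryptHash = (value) => typeof value === 'string' && BCRYPT_RE.test(value);

// Account creation: only the bcrypt string is ever written to storage.
async function createAccount(users, email, password, hasher = require('bcrypt')) {
  // bcrypt ignores input past 72 bytes, so reject longer passwords instead of truncating silently.
  if (Buffer.byteLength(password, 'utf8') > 72) throw new RangeError('password exceeds 72 bytes');
  users.set(email, { email, password: await hasher.hash(password, COST) });
}

// One-off migration at deploy time: hash every row that still holds plain text.
// Safe to re-run, because rows already in bcrypt format are skipped.
async function migrateLegacyUsers(users, hasher = require('bcrypt')) {
  let migrated = 0;
  for (const user of users.values()) {
    if (isBcryptHash(user.password)) continue;
    user.password = await hasher.hash(user.password, COST);
    migrated += 1;
  }
  return migrated;
}

// Login: compare against the stored hash; a row that was never migrated fails closed.
async function login(users, email, password, hasher = require('bcrypt')) {
  const user = users.get(email);
  if (!user || !isBcryptHash(user.password)) return false;
  return hasher.compare(password, user.password);
}
```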