Password Hash
Explore the process of enhancing security for a Rails API by hashing user passwords. Understand why password hashing is essential, how to use the bcrypt gem alongside has_secure_password, and test hashed password functionality in the user model.
What is password hashing?
Password hashing transforms the password into another string called the hashed password. This is a one-way transformation of a password, which means it is impossible to turn the hashed password back into the original password. However, we can easily use this hash to determine if a given character string matches the hash we have stored.
Why hash the passwords?
If our database is compromised, the hacker may have access to all the emails and passwords stored in the database. Some people use the same password for multiple accounts, like social media accounts, bank accounts, and application accounts, which enables the hacker to use their application password to access other accounts. This could result in massive identity theft. That ...