JavaScript React Authentication Implementing Basic Authentication Set up Basic Authentication

Paul Messmer
Paul Messmer
14,424 Points

Would you still use something like bcrypt?

so the way I understand it is this makes the credentials encoded before sending it to the server. Would you still run the encoded credentials though a program like bcrypt before passing it to the data base?

I assume the answer is yes because it would be one more step of safety built into the website but would still like to know

1 Answer

Jennifer Nordell
seal-mask
STAFF
.a{fill-rule:evenodd;}techdegree
Jennifer Nordell
Treehouse Teacher

Paul Messmer Absolutely! No password should ever be saved in the database unencrypted. You would want to save the hash of the password in the database as opposed to saving the password as plain text. Then when the user sends their credentials, you'd compare the hash of what they send to the hash stored in the database server-side. :smiley:

Hope this helps! :sparkles: