FAQ: Bcrypt - Bcrypt in a REST API

This community-built FAQ covers the “Bcrypt in a REST API” exercise from the lesson “Bcrypt”.

Paths and Courses
This exercise can be found in the following Codecademy content:

(Beta) User Authentication & Authorization in Express

FAQs on the exercise Bcrypt in a REST API

There are currently no frequently asked questions associated with this exercise – that’s where you come in! You can contribute to this section by offering your own questions, answers, or clarifications on this exercise. Ask or answer a question by clicking reply (reply) below.

If you’ve had an “aha” moment about the concepts, formatting, syntax, or anything else with this exercise, consider sharing those insights! Teaching others and answering their questions is one of the best ways to learn and stay sharp.

Join the Discussion. Help a fellow learner on their journey.

Ask or answer a question about this exercise by clicking reply (reply) below!
You can also find further discussion and get answers to your questions over in #get-help.

Agree with a comment or answer? Like (like) to up-vote the contribution!

Need broader help or resources? Head to #get-help and #community:tips-and-resources. If you are wanting feedback or inspiration for a project, check out #project.

Looking for motivation to keep learning? Join our wider discussions in #community

Learn more about how to use this guide.

Found a bug? Report it online, or post in #community:Codecademy-Bug-Reporting

Have a question about your account or billing? Reach out to our customer support team!

None of the above? Find out where to ask other questions here!

Does anyone know about the following potentially: What’s to stop using Bcrypt being used to create a rainbow table of Bcrypt hashed passwords? Like it adds in salt sure… but what stopping some let’s call them for polite conversation “information specialists” (Tanis Podcast Fan: MeerKatnip is my Queen) or maybe the industry term applies here: pen. testers making a table of deliciously salty and hashed passwords to test the security of a site. Did I misunderstand something?

Huh the B stands for Blowfish :blowfish:

It does seem to rely on the fact that it’s slow running (pretty much what CC says) and the idea that Salt makes close to unique passwords. Hmmm slow and steady wins the race for now :turtle: