May 31, 2025

This week, I learned about JSON Web Token (JWT) authentication and password hashing. JWT is a secure way to send information between the client (front-end) and the server (back-end). When a user signs up or logs in to a website, the server creates a JWT that contains the user’s information, such as their username, password, and ID. This is mainly used for authentication and works with Bcrypt to hash passwords securely.
Password hashing transforms plaintext passwords into a long string of mixed characters, making it difficult for attackers to decode. One concept I learned was to salt the password. Salting adds a random value to the password before hashing, ensuring two users with the same password have different hashes. There is much more to learn about user security and authentication. However, I am excited to continue learning about this topic in future courses.
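
The salting and token steps described above, as an added example that is not code from the original post. It uses Python's standard-library scrypt as a stand-in for Bcrypt (a third-party package) and signs an HS256 token by hand; the token carries only the ID and username because a JWT payload is base64url-encoded, not encrypted. Function names, parameters and the demo key are assumptions.

```python
import base64, hashlib, hmac, json, secrets, time

JWT_SECRET = secrets.token_bytes(32)  # constructed demo key; load from a secret store in practice

def hash_password(password: str) -> str:
    """Return 'salt$hash' in hex. A fresh random salt is drawn for every password."""
    salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)
    return f"{salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Re-derive the hash with the stored salt and compare in constant time."""
    salt_hex, digest_hex = stored.split("$")
    digest = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex), n=2**14, r=8, p=1)
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_jwt(user_id: int, username: str, ttl: int = 900) -> str:
    """Sign an HS256 token. Claims are readable by anyone, so no password goes in."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": str(user_id), "username": username, "exp": int(time.time()) + ttl}
    payload = b64url(json.dumps(claims).encode())
    sig = hmac.new(JWT_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"

def verify_jwt(token: str):
    """Return the claims if the signature, algorithm and expiry check out, else None."""
    try:
        header, payload, sig = token.split(".")
        expected = hmac.new(JWT_SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return None
        claims = json.loads(b64url_decode(payload))
    except ValueError:  # wrong part count, bad base64 or bad JSON
        return None
    return claims if claims.get("exp", 0) > time.time() else None
```

Two calls to `hash_password` with the same password return different strings, and both still verify, which is the property salting provides.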