Quick study sessions to strengthen memory and retain key concepts.
Why should passwords be hashed with a salt before storing?
Salting passwords makes each hash unique, defeating rainbow table attacks. Salting involves appending a unique random string to…
View Card →How does a unique salt defeat rainbow table attacks?
It ensures unique hashes for each password. Rainbow tables exploit pre-computed hashes of common passwords. By adding a…
View Card →Why do teams use BCrypt over SHA-256 for password hashing in production code?
BCrypt is slower and more secure. Frame the concept in practical terms so you can explain it during…
View Card →How does a CSRF token defend against attacks?
It ensures requests are from legitimate users. A CSRF token is a unique, secret value sent with user…
View Card →What are the trade-offs of using fast hashing algorithms?
They are vulnerable to brute-force attacks. Fast hashing algorithms like MD5 and SHA-256 are vulnerable because they allow…
View Card →Why is using JWT tokens advantageous for stateless authentication?
It eliminates server-side session storage. JWT tokens contain all necessary information for authentication, allowing servers to be stateless.…
View Card →How does HTML encoding prevent stored XSS attacks?
It converts characters to prevent script execution. HTML encoding transforms characters like '' into HTML entities, preventing browsers…
View Card →Why does the Spring Security filter chain matter in this design?
It processes security-related requests. Frame the concept in practical terms so you can explain it during interview discussion.…
View Card →How do prepared statements prevent SQL injections?
They separate SQL logic from data. Frame the concept in practical terms so you can explain it during…
View Card →Why does the signature in a JWT token matter in practice?
It verifies the token's integrity. Frame the concept in practical terms so you can explain it during interview…
View Card →