COMP 2406 Study Guide - Final Guide: Javascript, Bcrypt, Dictionary Attack


Document Summary

Bcrypt is used to make sure that the password is not stored unencrypted on the server. Without bcrypt, the password might not be encrypted or specially secured to prevent unauthorized access. Bcrypt is a key derivation function for passwords; it keeps plain-text passwords safe by changing the user's password to a hash for security purposes.

Views contain all the templates for generating HTML. Deleting line 9 would make the body of all pages blank.

If someone is trying to break into your system, you don't want them to know that they have come across a valid account and only need to figure out the password. You just want them to know that either the username or the password is wrong, without giving them the clue that the username, at least, is right. Therefore, for the sake of security, both error messages are the same.
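The two points above (store only a hash of the password, and return one error message for both kinds of login failure) as an added example, not code from the course or from this study guide. Node's built-in `crypto.scryptSync` stands in for bcrypt here so the block runs without installing a package; the `users` map, `register`, `login` and the sample account are hypothetical names constructed for illustration.

```javascript
// Added example. scrypt (Node core) is swapped in for bcrypt; both are slow, salted password hashes.
const crypto = require('node:crypto');

const GENERIC_ERROR = 'Invalid username or password';

// Returns "salt:hash" in hex. Only this string is stored, never the password itself.
function hashPassword(password) {
  const salt = crypto.randomBytes(16); // fresh random salt per password
  const hash = crypto.scryptSync(password, salt, 32);
  return salt.toString('hex') + ':' + hash.toString('hex');
}

// Re-derives the hash with the stored salt and compares in constant time.
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  const expected = Buffer.from(hashHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Hypothetical in-memory user store; a real application would use a database.
const users = new Map();

function register(username, password) {
  users.set(username, { passwordHash: hashPassword(password) });
}

// Verified when the username is unknown, so both failure paths do the same amount of work.
const DUMMY_HASH = hashPassword('dummy value for unknown usernames');

function login(username, password) {
  const user = users.get(username);
  const ok = verifyPassword(password, user ? user.passwordHash : DUMMY_HASH);
  if (!user || !ok) {
    // Same response whether the username or the password was wrong.
    return { ok: false, error: GENERIC_ERROR };
  }
  return { ok: true };
}

register('alice', 'correct horse battery staple'); // constructed sample account
```

Hashing against `DUMMY_HASH` for unknown usernames keeps response time from revealing what the identical error message hides.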