Quiz: Authentication & Authorization

Test what you learned in this lesson before moving on.

Pass with 80% to complete this lesson.

1. Why is bcrypt preferred over SHA-256 for password hashing?

2. What is the main disadvantage of JWTs compared to server-side sessions?

3. What is an IDOR vulnerability?

4. Why should the 'state' parameter be used in OAuth flows?