Security Journey

The password storage vulnerability is not fixed. Passwords are still being stored in plaintext.

Register a new user with the username testuser and password 1234 (you may choose any desired values for the company field). Did any errors appear in the Sandbox Output window?

Switch to the User Registry tab and select the Refresh Users button. Verify that the new testuser appears in the table.

Verify that the displayed password for testuser is: 03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4.

This is the correct SHA-256 hash for 1234. If a different password value is shown, examine your hashing implementation in the <code>registration</code> function for bugs. Ensure you are using the correct hashing algorithm.

Note: By default, the C# version of this lesson will output the hash with uppercase alpha characters, but the tests account for this.

Vulnerability Is Not Fixed (Secure Password Storage: Part 1 Lesson)

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Issue:

Test 1:

Test 2:

Test 3: