Exercises: Password Encryption

In this exercise you will design a user authentication system for modern a Web or mobile app, following the industry's best practices. Implement user register / login / change password functionality, using the Argon2 secure password hashing with random salt. Keep the usernames and their corresponding Argon2 hashed passwords (along with the Argon2 algorithm parameters and the random salt) as key-value pairs in the form username:argon2hash, in a simple JSON document. In the real world you may use a database instead of JSON document, but let's keep the exercise simple.
...
TODO
...
Implement "Register User"
Input: username + password + JSON holding all current accounts.
Output: modified JSON file or "user exists" exception.
...
TODO
...
Implement "User Login"
Input: username + password + JSON holding all current accounts.
Output: correct / incorrect login.
...
TODO
...
Implement "Change Password"
Input: username + old password + new password + JSON holding all current accounts.
Output: modified JSON file or "user exists" exception.
...
TODO
...
Implement "Reset Password"
Input: username + new password + JSON holding all current accounts.
Output: modified JSON file or "user exists" exception.
...
TODO
...

Secure Password Storage

Secure Random Generators

Last modified 1yr ago