Encrypt Passwords

[MadSmith17]

User Story
Bob wants to ensure his password is securely encrypted when he registers on the website, and that no one can access his password in plain text. He wants confidence that his data is secure when stored in the database.

User: Bob, who wants to protect his password
Feature: A secure password encryption mechanism that ensures passwords are encrypted before being stored in the database.
Business Value: This feature ensures data security, increasing user trust and compliance with security standards. It protects users' passwords from exposure and minimizes the risk of a security breach.

Tasks:

• Implement password encryption using a robust hashing algorithm (e.g., bcrypt).
• Create unit tests for the encryption process to verify that passwords are hashed before storage.
• Update user registration and login flows to handle password encryption and verification.
• Add functionality to ensure that passwords are not stored in plain text in the database.
• Create a mechanism to compare the hashed password during login to the one in the database.

Acceptance Criteria:

• All passwords are encrypted before being stored in the database.
• Unit tests ensure that plain text passwords are not stored.
• Users can register and log in successfully using their encrypted passwords.
• Password verification during login works as expected with encrypted passwords.
• All tests pass when running the test suite.

[sjiang1]

This issue doesn't have a timeline.