Reading: Oath



1. Why is authentication important?

Authentication answers the question of “who you are”. Once we have figured out who the user is, we can render the information that is specific to that user.

2. Why should we be careful about storing a user’s password?

A database needs admins, and admins have the privilege to see everything inside the database. If passwords are stored in plain text, that causes too many security risks.

3. What is the difference between hashing and encryption?

Encryption is a two-way function; what is encrypted can be decrypted with the proper key. Hashing, however, is a one-way function that scrambles plain text to produce a unique message digest. With a properly designed algorithm, there is no way to reverse the hashing process to reveal the original password.
gcn.com

4. What is the difference between encryption and encoding?

Encoding is for maintaining data usability and can be reversed by employing the same algorithm that encoded the content, i.e. no key is used. Encryption is for maintaining data confidentiality and requires the use of a key (kept secret) in order to return to plaintext.
danielmiessler.com
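
An added example (not from the original notes or the quoted sources) tying questions 2 to 4 together: Base64 encoding is undone by anyone without a key, while a salted password hash is stored and checked without ever being reversed. The function names and the PBKDF2 iteration count are assumptions made for this sketch, and encryption is left out because Python's standard library ships no cipher.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256


def encode(text: str) -> str:
    """Encoding: a public, keyless transformation."""
    return base64.b64encode(text.encode()).decode()


def decode(encoded: str) -> str:
    """Anyone can reverse the encoding; it protects nothing."""
    return base64.b64decode(encoded).decode()


def hash_password(password: str) -> str:
    """Build the record to store: 'iterations$salt$digest', never the password."""
    salt = os.urandom(16)  # unique per user, so equal passwords give different records
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-hash the login attempt with the stored salt and compare in constant time."""
    iterations, salt_hex, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    sample = "correct horse battery staple"  # constructed sample password
    print("encoded:", encode(sample), "-> decoded:", decode(encode(sample)))
    record = hash_password(sample)
    print("stored record:", record)
    print("right password:", verify_password(sample, record))
    print("wrong password:", verify_password("guess", record))
```

An admin who reads the stored record sees only the salt and digest, which is the point of question 2.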

5. What is a token used for?

A token is used to make security decisions and to store tamper-proof information about some system entity. While a token is generally used to represent only security information, it is capable of holding additional free-form data that can be attached while the token is being created.
wikipedia.org