Code Room
Code reviewMediumcr-g246
Subject Crypto misuseLevel Mid–Senior~25 minCommon in Security · Algorithms & data structures interviewsIndustries Software development

Question

Review this Python password storage.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to reviewpython
import hashlib, os def hash_password(password: str) -> str:    salt = os.urandom(16)    digest = hashlib.sha256(salt + password.encode()).hexdigest()    return salt.hex() + ':' + digest def verify(password: str, stored: str) -> bool:    salt_hex, digest = stored.split(':')    salt = bytes.fromhex(salt_hex)    return hashlib.sha256(salt + password.encode()).hexdigest() == digest
Run or narrate your approach, then ask the coach.