Code Room
Vibe codingHardvc-g197
Subject Ai prompt specLevel Senior–Staff~18 minCommon in Security · Algorithms & data structures interviewsIndustries Software development, Technology

Question

You're asking an AI agent to implement password storage and verification for a TypeScript/Node auth service. Write the spec that gets it right and keeps you out of the next breach post-mortem. What library, algorithm, and parameters do you mandate, what must NEVER be hand-rolled, and what acceptance criteria prove the comparison and hashing are safe? Then describe what a naive prompt ('hash and check the user's password') tends to produce.

What a strong answer looks like

Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.

Describe your solution

Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.

Run or narrate your approach, then ask the coach.