Authentication

JWT - JSON Web Token

These are used primarily to authenticate users after they have logged in to your database successfully. The main goal being for the client to store a way to automatically verify a user is allowed to access certain information without having to constantly go back and log in every time they want to access it. The main features that make these secure are the timeout period and the ability to hash them with salt so that they aren't easily decrypted.

Hash & Salt

Hashing is a way of taking a regular plain text string and having a server scramble it with a certain algorithm so that it is indecipherable without access to that algorithm. You always want to go from string to hash when comparing passwords and never the reverse direction.

Salt is a way to add extra layers of security to a hashed string. It is essentially like sprinkling a little bit of extra random security all throughout the hashed string.