I think I'm a little bit confused as to how hashing works. How is it possible to have a one-way hash, that can't be reversed? Isn't it always possible that some very determined person or program could find a way to reverse the hashed value?

Also, can you explain what it means for bcrypt to be 'slow', and why it is a good thing for the algorithm we use to be slow?

So, what exactly is hashing adding onto the inputted password? A hexadecimal? It’s unique, but randomized? How does the system compute the hash?

I'm a little confused by the second scenario in the concurrency section-why would one insert work but not the other? Also, why does the updated code solve the problem? 

How does last insert ID work if you don't know when other users might have been created in the meantime?

Is the term hashing used two ways? One way referencing how we "hash" passwords to protect them and make them more secure, and the other way referring to a hacker "hashing" the password (i.e. trying to crack it)?

In the reading it says that you can store username in session but I didn’t see that in the login code. Is it possible to go over sessions? To make sure, username and passwords should be stored in its own table? 

How does the computer tell \xe4\xbd\xa0, \xe5\xa5\xbd (two 3-byte symbols) from \xe4\xbd, \xa0\xe5, \xa5\xbd (three 2-byte symbols) in UTF-8 encoding?