user information (specifically, user email addresses, password hashes, session tokens, and last login timestamp)
