My previous post covered what makes for a good password; it is equally important for developers to understand how to store passwords securely. Whether you have designed an email service, a web application or even an operating system, it is essential that you store your passwords securely and specifically NOT AS PLAIN TEXT!! It is not enough to rely on your website security alone either, so any passwords in your database need to be encrypted somehow.
The problem with plain text:
No matter how much protection you have on the storage of your databases, there are always ways to obtain the data they hold, from social engineering or a disgruntled employee to more complicated 'hacking' methods.
You may think this is fine for your Mongolian throat singing appreciation website, which only has 3 members, where the most damage that could be done is an obscene post on...
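An added example, not part of the original post: a plain-text users table beside one that stores only a per-user salt and a scrypt hash, checked against a copied dump. The post only says passwords should be "encrypted somehow"; the use of scrypt (a one-way key-derivation function rather than reversible encryption), its cost parameters, the table layout and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# scrypt cost parameters (assumed for this example; tune to your hardware)
SCRYPT_PARAMS = {"n": 2**14, "r": 8, "p": 1, "dklen": 32}


def make_record(password: str) -> dict:
    """Build the row that is written to the users table instead of the password."""
    salt = secrets.token_bytes(16)  # fresh random salt for every user
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT_PARAMS)
    return {"salt": salt.hex(), "hash": digest.hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT_PARAMS)
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))


def dump_exposes(table: dict, password: str) -> bool:
    """True if a copy of the table (e.g. taken by an insider) holds the password verbatim."""
    return any(password in str(value)
               for row in table.values()
               for value in row.values())


# Constructed sample data: two users who happen to share one password.
SAMPLE_PASSWORD = "correct horse battery staple"
plaintext_table = {"alice": {"password": SAMPLE_PASSWORD},
                   "bob": {"password": SAMPLE_PASSWORD}}
hashed_table = {"alice": make_record(SAMPLE_PASSWORD),
                "bob": make_record(SAMPLE_PASSWORD)}

if __name__ == "__main__":
    print("plain-text dump exposes password:", dump_exposes(plaintext_table, SAMPLE_PASSWORD))
    print("hashed dump exposes password:   ", dump_exposes(hashed_table, SAMPLE_PASSWORD))
    print("login still works:              ", verify(SAMPLE_PASSWORD, hashed_table["alice"]))
    # Different salts mean identical passwords do not produce identical rows.
    print("rows differ for same password:  ",
          hashed_table["alice"]["hash"] != hashed_table["bob"]["hash"])
```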