
Storing Passwords

Simple: Don’t store passwords.

If a plaintext, or weakly protected (for example reversibly encrypted), password database is leaked, whether by an attacker or inadvertently by an employee or user, then every user is compromised at once; because people reuse passwords, the damage usually spreads to other systems as well.


The purpose of a password is to confirm that the user who registered with the system some time ago is the same person wishing to use the system now.

  1. When a user registers they submit a password. Process it with a non-reversible calculation (a password hash) and store only the result, never the password itself.
  2. When a user tries to log in, process the submitted password with the same calculation, using the same parameters that were stored at registration.
  3. If the stored result and the log-in result match, the passwords matched (a cryptographic hash makes a false match computationally infeasible). If they differ, the passwords differed.

There are complexities in this process, and errors in logic or mathematics can fatally weaken this approach. A developer should therefore not design their own scheme but use a published, reviewed library implementation of a purpose-built password hash (bcrypt, scrypt, Argon2 or PBKDF2).

There are three fundamental concepts in processing these passwords. Each is designed to make life difficult for an attacker trying to reverse the calculation, or pre-calculate all the possible outputs.

  • Salting: Adding a random value (the Salt), generated fresh for each password and stored alongside the result. Two users with the same password then get different stored results, and an attacker cannot use one precomputed table of hashes against the whole database: every record must be attacked separately. The Salt does not need to be secret; it only needs to be unpredictable and unique per password.
  • Stretching: Deliberately making the calculation slow by repeating it many thousands of times (the work factor). A legitimate log-in pays this cost once; an attacker pays it for every guess, so the number of guesses they can test per second falls by the same factor. Stretching does not lengthen or strengthen a weak password, it only makes each guess more expensive, and the work factor must be raised as hardware gets faster.
  • Hashing: A one-way function that turns the salted, stretched password into a fixed-size value that can be safely stored. General-purpose cryptographic hash functions (SHA-256 and the like) are designed to be very quick because they are used to validate documents, certificates and so forth; on their own they are therefore unsuitable for passwords, which is why the stretching phase is required. Purpose-built password hashes combine all three steps in one function.
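The three steps above and the three concepts (salting, stretching, hashing) put together, as an added example that is not part of the original page. It uses PBKDF2-HMAC-SHA256 from the Python standard library so that it runs offline; the record format `pbkdf2_sha256$iterations$salt$digest`, the iteration count, the per-password salt size and the helper names are choices made for this example, not anything the page prescribes. In production a maintained library (Argon2, bcrypt, scrypt) is preferable to assembling the pieces by hand.

```python
import hashlib
import hmac
import os

# Added example, not the original page's code. PBKDF2-HMAC-SHA256 from the
# standard library is used so this runs offline; the record format, names and
# constants below are assumptions of this example.

ITERATIONS = 600_000  # stretching work factor; tune so one hash takes ~100 ms on your hardware
SALT_BYTES = 16       # 128-bit random salt, generated fresh for every password
ALGORITHM = "pbkdf2_sha256"


def hash_password(password: str, salt: bytes, iterations: int) -> bytes:
    """Stretch + hash: iterate HMAC-SHA256 `iterations` times over password and salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def register(password: str, iterations: int = ITERATIONS) -> str:
    """Step 1: derive and store algorithm, work factor, salt and digest; never the password."""
    salt = os.urandom(SALT_BYTES)
    digest = hash_password(password, salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify(password: str, stored: str) -> bool:
    """Steps 2 and 3: recompute with the stored salt and work factor, compare in constant time."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return False  # unknown or corrupt record: fail closed
    _, iterations, salt_hex, digest_hex = parts
    candidate = hash_password(password, bytes.fromhex(salt_hex), int(iterations))
    # compare_digest does not stop at the first differing byte, so response timing
    # does not reveal how much of the digest an attacker has already matched.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def needs_rehash(stored: str, current_iterations: int = ITERATIONS) -> bool:
    """Stretching must keep pace with hardware: flag records below the current work factor."""
    parts = stored.split("$")
    return len(parts) != 4 or parts[0] != ALGORITHM or int(parts[1]) < current_iterations


def login(password: str, stored: str) -> tuple[bool, str]:
    """Verify, and on success transparently upgrade the record to the current work factor."""
    if not verify(password, stored):
        return False, stored
    if needs_rehash(stored):
        stored = register(password)  # the plaintext is available only at this moment
    return True, stored


if __name__ == "__main__":
    record_a = register("correct horse battery staple")
    record_b = register("correct horse battery staple")
    print(record_a)
    print(record_b)
    # Same password, different salt, different stored result (salting).
    print("records differ:", record_a != record_b)
    print("right password accepted:", verify("correct horse battery staple", record_a))
    print("wrong password rejected:", verify("correct horse battery stapler", record_a))
```

Storing the work factor in each record is what makes `needs_rehash` possible: when the iteration count is raised, old records keep verifying, and are silently upgraded on the user's next successful log-in rather than requiring a password reset.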

The process of handling passwords, and other vital data, is a specialism. It is worth obtaining expert review of the design of such systems before they go live.

