Password security is not the most exciting part of your app. Because it's complicated to build well, time-consuming to maintain securely, and because cheap cloud compute keeps making password-cracking attacks faster, even big companies like Sony and LinkedIn take shortcuts that lead to major security breaches. That is foolhardy: the average cost of a data breach is more than $5.5 million. We want to lay out some best practices to show how password security should be done (from level 0 to 5, with 5 being the most secure), and maybe convince you that you don't want to take on that kind of risk yourself.
Level 0: No Plaintext Anywhere
A big red flag should go up whenever you see a password in plaintext. While many will claim "no idiot would do this," Sony Pictures last year lost over 1,000,000 plaintext passwords to a simple SQL injection attack, and Yahoo lost over 400,000 plaintext passwords this summer. Bad times. Emails that "confirm account details" with both username and password in plaintext are actually less helpful to users than a simple, secure password reset workflow, and they are far more dangerous: a reset link carries a random, short-lived, single-use token, so neither the email, the mail logs nor the database ever hold anything that lets an attacker log in. (If you only need a simple user directory, you can set one up with Stormpath quickly.) No plaintext in your database or your notifications! (We mean YOU, French National Bank!)
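To make the reset-workflow alternative concrete, here is an added example of the token half of such a flow. It is illustration code written for this post, not Stormpath's library or anything from the original article: the in-memory `users` and `resets` dicts stand in for a real database, the 15-minute lifetime is an assumed policy, and actually setting the new password (which needs proper hashing, the subject of the later levels) is left to the caller.

```python
"""Password reset by token, instead of e-mailing the password.

Added example, not Stormpath's code. 'users' and 'resets' are constructed
in-memory stand-ins for database tables; TOKEN_TTL_SECONDS is an assumed
policy value.
"""
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumption: a reset link dies after 15 minutes

# Constructed sample data. The user record deliberately holds no plaintext.
users = {"alice@example.com": {"password_hash": None}}
# token digest -> {"email": ..., "expires": ...}; only hashes ever land here,
# so a database dump or SQL injection yields nothing that can log in.
resets = {}


def _digest(token):
    """Hash the token before storing it; the raw token exists only in the e-mail."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_reset_token(email, now=None):
    """Return the raw token to put in the reset link.

    A token is generated even for unknown e-mails so the response looks the
    same either way and does not confirm which addresses have accounts.
    Only known accounts get an entry in 'resets'.
    """
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, unguessable
    if email in users:
        resets[_digest(token)] = {"email": email, "expires": now + TOKEN_TTL_SECONDS}
    return token


def redeem_reset_token(token, now=None):
    """Return the e-mail the token unlocks, or None if it is unknown, used or stale.

    The entry is removed on first presentation, so a token is single use even
    when it turns out to be expired.
    """
    now = time.time() if now is None else now
    entry = resets.pop(_digest(token), None)
    if entry is None or now > entry["expires"]:
        return None
    return entry["email"]


def reset_link(base_url, token):
    """Build the link that goes in the e-mail. No password, no username."""
    return f"{base_url}/reset?token={token}"


if __name__ == "__main__":
    raw = issue_reset_token("alice@example.com")
    print(reset_link("https://example.com", raw))
    print(redeem_reset_token(raw))  # alice@example.com, once
    print(redeem_reset_token(raw))  # None: already used
```

The two properties worth checking in any real implementation are the ones the test below pins down: a token works exactly once and only before its deadline, and the store never contains the raw token, so leaking the `resets` table is harmless.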
Level 1: Don't Just Hash It...