Basics: Secure password hashing with salts
Anyone who develops software and especially if he/she does so in the web environment, has certainly already written one or the other login system or at least had points of contact in this area. Besides the logic of a secure login or user management system, the secure storage of passwords is one of the most important points during implementation.
Even if the actual login code is 100 percent error-free and secure (which should never be assumed in practice), security vulnerabilities in the server software can still lead to intrusions or hacks. There is always a variable that is out of one’s control and thus websites are hacked, compromised and complete databases with usernames and passwords are read every day.
In order to protect users in the best possible way in the event of such a hack, […]