
How to Store User Passwords in 2017 - evantai
http://blog.rangle.io/how-to-store-user-passwords-and-overcome-security-threats-in-2017/
======
facorreia
The article says:

> never store passwords in plaintext

It should say:

> never store passwords in any form; store a hash of the password instead

It's a common mistake to confuse "password hash" with "encrypted password".

~~~
Nomentatus
For completeness, the point of this apt comment being that you don't want your
employees or anyone else to be able to derive passwords en masse, so why leave
that capability lying around; when a hash does everything that you require.
(Some) hashes have also the advantage of masking the length of passwords.

