Security is an important element in today’s world, especially in the world of hosting. Your virtual servers and hosting must be very secure and for this you need to store your passwords securely and correctly. This article will describe some practical tips on how to do this. Here are some guidelines for storing passwords in a database:

Password hashing

Never store passwords in plain form. What does it mean? For example, simply your password TestingExample!@#$%%@$ will be saved in text form. Instead, use cryptographic hash functions to create password hashes. A hash is an untranslatable string of characters, and recovering the original password from a hash is difficult.

Salt

This means “random value”. How to describe it? Use unique salts for each user before hashing the password. This is a kind of random string added to the password before hashing, which makes dictionary brute force attacks more difficult.

Using Cryptographic Hash Algorithms

Use secure cryptographic hash algorithms such as bcrypt, Argon2 or scrypt. They are designed to provide security when hashing passwords.

Iteration Parameters

Set a sufficient number of iterations for the hashing function. This will make brute force attacks more difficult even if attackers gain access to the hashes.

Non-use of Obsolete Methods

Avoid outdated and less secure hashing methods such as MD5 or SHA-1.

Additional Data Storage

In addition to the hash and salt, store additional metadata in the database, such as the hashing algorithm and iteration parameters. This will help ensure compatibility with security updates.

Prohibition of Directly Related Passwords

Do not allow simple or directly ID-related passwords (such as “password123” or “user123”).