Rules for password

• Family names
• birthdays
• any part of SSN
• Fav team
• Pet names
• DO NOT reuse passwords on important websites
• DO NOT dictionary terms

Needs for good password

• 8 characters minimum
• lowercase and uppercase
• include special characters

How are passwords stored

• if stored correctly then the password is Encrypted

Hashing

• When a user changes their password, it is first passed through a cryptographic algorithm
  • brypt
  • Argon2
  • SHA-256
• This hash is what gets stored in the database

Salting

• A salt is a unique, random value that is generated and combined with the password before hashing, if 2 users have same password, hash is different
• stored with hash