HomeCoursesPassword Security: How not to Store Passwords

4.3

Intermediate

Password Security: How not to Store Passwords

Join 2.7 million developers at

Overview

Content

Reviews

There are a lot of common mistakes in password security. From storing plaintext passwords to not salting user passwords, to using insufficient hashing algorithms like SHA-1. In this course, you will learn why plaintext passwords, encryption, and plain hashes are security measures that should not be used. In each lesson, you will learn why these password storage techniques increase your risk for a cyber attack. Beyond that, you’ll also learn how to fix them to create a more secure login experience. By the end of this course, you will have a strong understanding of password security, and you will be better equipped to create web apps that users trust.

There are a lot of common mistakes in password security. From storing plaintext passwords to not salting user passwords, to usin...Show More

Content

9 Lessons1 Quiz

Introduction to Storing Passwords

Storing Plain Text Passwords

Storing Encrypted Passwords

Storing Hashed Passwords

Storing Passwords Using Salted Hashes

Strong-ish Password Hashing

Strong Password Hashing

Quiz

Wrapping Up

Certificate of Completion

Showcase your accomplishment by sharing your certificate of completion.

Course Author:

Paul Boyd

Developed by MAANG Engineers

Every Educative lesson is designed by a team of ex-MAANG software engineers and PhD computer science educators, and developed in consultation with developers and data scientists working at Meta, Google, and more. Our mission is to get you hands-on with the necessary skills to stay ahead in a constantly changing industry. No video, no fluff. Just interactive, project-based learning with personalized feedback that adapts to your goals and experience.

Trusted by 2.7 million developers working at companies

"These are high-quality courses. Trust me. I own around 10 and the price is worth it for the content quality. EducativeInc came at the right time in my career. I'm understanding topics better than with any book or online video tutorial I've done. Truly made for developers. Thanks"

Anthony Walker

@_webarchitect_

"Just finished my first full #ML course: Machine learning for Software Engineers from Educative, Inc. ... Highly recommend!"

Evan Dunbar

ML Engineer

"You guys are the gold standard of crash-courses... Narrow enough that it doesn't need years of study or a full blown book to get the gist, but broad enough that an afternoon of Googling doesn't cut it."

Software Developer

Carlos Matias La Borde

"I spend my days and nights on Educative. It is indispensable. It is such a unique and reader-friendly site"

Souvik Kundu

Front-end Developer

"Your courses are simply awesome, the depth they go into and the breadth of coverage is so good that I don't have to refer to 10 different websites looking for interview topics and content."

Vinay Krishnaiah

Software Developer

Hands-on Learning Powered by AI

See how Educative uses AI to make your learning more immersive than ever before.

Personalized Interview Prep

Skip the LeetCode grind with a custom roadmap that adapts to your goals. Hands-on practice for Coding Interviews, System Design, and more.

Mock Interviews

Test your skills in a simulated interview setting. Receive personalized feedback based on your performance. Available for Coding Interviews, System Design, and more.

AI Prompt

Build prompt engineering skills. Practice implementing AI-informed solutions.

Code Feedback

Evaluate and debug your code with the click of a button. Get real-time feedback on test cases, including time and space complexity of your solutions.

Explain with AI

Select any text within any Educative course, and get an instant explanation — without ever leaving your browser.

AI Code Mentor

AI Code Mentor helps you quickly identify errors in your code, learn from your mistakes, and nudge you in the right direction — just like a 1:1 tutor!

Course

A Guide to Securing Node.js Applications

Gain insights into securing Node.js applications: sanitize inputs, use HTTPS, encryption, explore authentication, access control, and protect against XSS, CSRF, and popular hacks.

4 h

intermediate

Course

Practical Security: Simple Practices for Defending Your Systems

Gain insights into effective security techniques including patching, cryptography, and phishing prevention. Explore practices to make systems resistant and vulnerabilities more detectable, enhancing defense against attacks.

9 h

intermediate

Course

Web Application Security for the Everyday Software Engineer

Gain insights into enforcing web app security best practices, such as HTTPS, defending against XSS and clickjacking, managing HTTP cookies, and warding off DDoS attacks.

4 h

intermediate

Course

Web Security and Access Management: JWT, OAuth2 & OpenId Connect

Gain insights into JWT, OAuth2, and OpenID Connect. Learn about HTTPS, encryption, and handshake techniques, and explore foundational concepts in web API security for enhanced application protection.

5 h

intermediate

Course

Web Security and Access Management: JWT, OAuth2 & OpenId Connect

Gain insights into JWT, OAuth2, and OpenID Connect. Learn about HTTPS, encryption, and handshake techniques, and explore foundational concepts in web API security for enhanced application protection.

5 h

intermediate

Course

Web Application Security for the Everyday Software Engineer

Gain insights into enforcing web app security best practices, such as HTTPS, defending against XSS and clickjacking, managing HTTP cookies, and warding off DDoS attacks.

4 h

intermediate

Course

Practical Security: Simple Practices for Defending Your Systems

9 h

intermediate

Course

A Guide to Securing Node.js Applications

Gain insights into securing Node.js applications: sanitize inputs, use HTTPS, encryption, explore authentication, access control, and protect against XSS, CSRF, and popular hacks.

4 h

intermediate

Course

A Guide to Securing Node.js Applications

intermediate

4 hour

Course

Practical Security: Simple Practices for Defending Your Systems

intermediate

9 hour

Course

Web Application Security for the Everyday Software Engineer