Episode 9 — Design Password Storage That Survives Breaches Using Modern Hash Strategies

This episode explains how to store passwords so that a database breach does not immediately become an account compromise event, focusing on modern hashing strategies and the governance decisions leaders must enforce across systems. You will learn why reversible storage and fast hashes fail, how slow password hashing functions reduce guessing speed, and how unique salts prevent identical passwords from producing identical stored values. We also cover the purpose of peppers and where they belong operationally, plus best practices like rehashing on login when parameters are strengthened over time. Scenarios include responding to a credential database leak, limiting blast radius through strong storage design, and troubleshooting authentication systems that were built with legacy algorithms, weak iteration counts, or inconsistent implementations across applications. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.
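As an added example, not code from the episode or from BareMetalCyber.com, the Python below puts the strategies named above together: a slow hash (PBKDF2-HMAC-SHA256) over a per-user random salt, a pepper kept outside the stored record, and rehash-on-login when a legacy record carries a lower iteration count than current policy. The record format, iteration values and pepper are constructed for the demo.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed policy values: tune the iteration count to your own hardware budget.
# The pepper is a secret held outside the database (KMS, HSM, config vault), so a
# dumped table alone is not enough to start guessing.
CURRENT_ITERATIONS = 600_000
PEPPER = b"constructed-demo-pepper-keep-in-kms-not-in-db"


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    # Apply the pepper first (HMAC), then the slow, salted key derivation.
    peppered = hmac.new(PEPPER, password.encode("utf-8"), hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", peppered, salt, iterations, dklen=32)


def hash_password(password: str, iterations: int = CURRENT_ITERATIONS) -> str:
    # A fresh random salt per user: identical passwords yield different records.
    salt = os.urandom(16)
    dk = _derive(password, salt, iterations)
    # Constructed record layout: algorithm$iterations$salt$digest (all self-describing).
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_and_upgrade(password: str, stored: str) -> Tuple[bool, Optional[str]]:
    """Return (ok, new_record). new_record is set only when the password matched
    and the stored record used weaker parameters than current policy, so the
    caller can overwrite it on this login."""
    algo, iters, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False, None
    iterations = int(iters)
    actual = _derive(password, bytes.fromhex(salt_hex), iterations)
    # Constant-time comparison avoids leaking how many bytes matched.
    if not hmac.compare_digest(actual, bytes.fromhex(dk_hex)):
        return False, None
    if iterations < CURRENT_ITERATIONS:
        return True, hash_password(password)  # legacy record: rehash with today's policy
    return True, None
```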