Working Code Podcast - Episode 026: Passwords

This week, the crew talks about passwords. Web applications store a great deal of sensitive information. But, there is something categorically different about storing passwords. Because - if compromised - a password from one application may grant a malicious actor access to another application. As such, it is essential that we store our customers' passwords using modern, one-way hashing algorithms that protect the underlying payload against increasingly powerful compute resources. And, that we have a way to evolve our password hashing strategies in order to stay a step ahead of potential attackers.

Of course, sometimes the best password hashing strategy is to not store a password at all. Using a "passwordless login" allows you to pass the responsibility of password storage off to another, trusted vendor.

Also, we've been doing this podcast for half-a-year! How awesome is that! Yay for us!

Or, listen to the full audio:

Listen to Episode 026, with:

• Adam Tuttle → Website, Twitter, LinkedIn
• Carol Weiler → Twitter, LinkedIn
• Tim Cunningham → Twitter, LinkedIn
• Ben Nadel (that's me) → Website, Twitter, LinkedIn

For the full show notes and links, visit the episode page. And, be sure to follow the show! Our website is workingcode.dev and we're @WorkingCodePod on Twitter and Instagram. Or, leave us a message at (512) 253-2633‬ (that's 512-253-CODE). New episodes drop weekly on Wednesday.

Short link: https://bennadel.com/go/4062