(These are notes adapted from a presentation I gave at the LakeHub workshop this week. They owe a lot of debt to this article, which inspired the talk. If you already know that you should just use bcrypt or something similar, and why, you can just skip to the ‘conclusions’ section.)
So let’s suppose you’ve just made a hot new website from which you’ll make a million dollars a year. You get to the point of creating a database for all of your users who will be logging in and doing things like buying airplanes, so you put together a database table. Maybe it looks something like this:
A few weeks after launch, you have two million users, and someone breaks into your server and steals the database. Of course, they don’t tell you that they did this; they’re much happier to keep the database, pull out a name and password, log in as someone else, and use your site to steal lots of money and undermine the basic building blocks of democracy and common decency. After sending apologies to the userbase, you decide that your database structure was flawed.