Authentication protocols need to employ encryption to protect the session from exposure to intruders; over the past few years, we have heard time and time again of data breaches that have left user data vulnerable and passwords in the hands of bad actors. In a secure world, passwords are typically hashed, salted, and stretched, and electronic communications should be encrypted to ensure secrecy. Just hashing or encrypting data may not be enough, though. The best encryption schemes will not protect data from poorly constructed passwords. In this chapter, you'll be introduced to password practices, get an understanding of some common historical cryptography schemes, and learn the Python code that will bring all the topics together. Specifically, you will gain cryptographic knowledge as you do the following:

• Explore best practices for passwords
• Explore the basics of encryption schemes
• Explore the use of historical ciphers and their cryptanalysis
• Gain an understanding of why it is critical to use well-established encryption algorithms

Password Best Practices

Throughout this book, your purpose is to gain an understanding of how to use strong cryptographic schemes and how to identify and attack weak schemes. If you work as a security professional, you will also need to help people in your organization protect their data from themselves. You may be required to define policies, procedures, and controls regarding passwords. Even if our systems or ...