At this point, we have a working application with a login page, but we have no way to get through since we don't have a valid username and password in our database yet. Before we figure out how to save our users (or how to create a registration page), we need to talk about passwords.
Passwords are the scariest way of protecting information. There are several technical and psychological reasons for this:
pony_123looks good and secure to us. In theory this is true, but that's only part of the truth. ...