I’ve recently discovered two great papers about password security, both from Google: one for users and one for system designers. We all use passwords, so I consider the one addressed to users a must-read for (almost) everyone. I include just the best practices here, to give you a taste of what’s inside them.

For users

https://cloud.google.com/solutions/modern-password-security-for-users.pdf


For system designers

https://cloud.google.com/solutions/modern-password-security-for-system-designers.pdf


A password manager (in this case Bitwarden) provides a nice demo that shows how password encryption works behind the scenes: https://bitwarden.com/crypto