Every other week there seems to be a new dump of cracked passwords, hurting innocent and unbeknownst users. It seems as if keeping users passwords safe is a herculean task, even beyond the most resourceful organizations. However, it doesn't have to be.
Password hashing is an important discipline in cryptography. Securing passwords has become so integral to our society that in 2013 a Password Hashing Competition was announced, for the academic community to band together and develop a common recommendation for future use. In this talk, I'll showcase how to handle passwords correctly and safely and clear out misinformation that still abounds in tutorials and blog posts. All with heaps of demos to motivate, make the material concrete and so everyone can follow along!