On May 9, 2012 the headlines were ‘58000+ Twitter username and passwords are leaked’. Twitter is one the most used social networks with 140 million active users. Such a networks security has been breached and considerably huge number of passwords along with usernames was made available on Pastebin which is a paste and share web service. As a response all those accounts hacked are deactivated immediately by Twitter.

From the early days I’m very much bothered about storing passwords in my application. After studying some cryptographic techniques I got some idea and I have been following them since then. I shared the idea which I was following in How your passwords are stored!. And I’m glad that I got a very good response and suggestion for that which totally lifted me to a new level on understanding the use of cryptographic hash functions for the purpose of storing passwords.

Most of us use numerous services available on the net such as mails, social networking services, and blogs. So it is obvious to have the question “Can a database administrator working on Facebook can get the password of my Facebook account if he wishes?”. A worthy question it is. But the answer is “No”. Your passwords are never stored as it is. (Well, I don’t know the policy of Facebook regarding this; I mention it just for an example).