Why are plain text passwords bad, and how do I convince my boss that his treasured websites are in jeopardy?

Backend · Unresolved · 9 answers · 2197 views
慢半拍i 2020-11-27 15:53

I've always been of the impression that storing passwords in a database as plain text is (as someone else here put it) a Very Bad Thing™.

Historically, most of our

9 answers
  •  情书的邮戳
    2020-11-27 16:10

    Here are a few reasons:

    • Someone might break into your site. It may be unlikely, and this probably won't sway your boss (I can hear the conversation now: "Are you saying that the site isn't secure?") But it happens, and remember, no one ever thinks that their site will honestly be broken into...
    • Casual viewing of the database by insiders (like yourself): You might not be TRYING to look at anyone's passwords, but you might, during the normal course of your work, need to look through the table containing the passwords. Considering that many people use the same password for absolutely everything (including possibly your boss!), you wouldn't want all of those passwords exposed. Ask your boss if he has ever reused a password on two different sites.
    • If anyone ever found out that your application didn't encrypt the passwords, they might seriously question the trustworthiness of your application.
    • It costs basically nothing to hash a password (preferably with a salt) into the database, so why not?
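
As an added illustration of the last bullet (this is not code from the original question or answer), the snippet below stores only a salted PBKDF2-HMAC-SHA256 digest and verifies logins against it. The record layout `pbkdf2_sha256$iterations$salt$hash`, the iteration count and the user names are assumptions chosen for this example; the standard-library calls (`hashlib.pbkdf2_hmac`, `hmac.compare_digest`, `os.urandom`) are real. The user table is constructed inline so the example runs offline.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Assumed parameters for this example. 600,000 iterations of PBKDF2-HMAC-SHA256
# is a commonly cited 2023 figure; tune to your own hardware. A 16-byte random
# salt per password means two users with the same password get different records.
ITERATIONS = 600_000
SALT_BYTES = 16
ALGO = "pbkdf2_sha256"


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: algo$iterations$salt_hex$hash_hex.

    The salt is generated here with os.urandom unless the caller passes one
    (only useful for deterministic tests). The plaintext password is never
    part of the returned record.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ALGO}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the stored salt and iteration count and
    compare in constant time so the check itself leaks no timing information."""
    algo, iterations, salt_hex, hash_hex = record.split("$")
    if algo != ALGO:
        raise ValueError(f"unsupported password hash algorithm: {algo}")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest, bytes.fromhex(hash_hex))


# A constructed in-memory "users" table standing in for the database column
# the answer talks about. Only the hash record is stored, never the password.
def register(users: Dict[str, str], username: str, password: str) -> None:
    users[username] = hash_password(password)


def login(users: Dict[str, str], username: str, password: str) -> bool:
    record = users.get(username)
    if record is None:
        # Unknown user: still do one hash so the response time does not reveal
        # which user names exist. The dummy record is discarded.
        hash_password(password)
        return False
    return verify_password(password, record)


def demo() -> Dict[str, str]:
    """Two users who reused the same password; returns the stored table."""
    users: Dict[str, str] = {}
    register(users, "alice", "hunter2")
    register(users, "boss", "hunter2")   # same password as alice
    return users


if __name__ == "__main__":
    table = demo()
    for name, rec in table.items():
        print(name, "->", rec)
    print("alice/hunter2:", login(table, "alice", "hunter2"))
    print("boss/wrong:   ", login(table, "boss", "wrong"))
```

Looking at the stored table from an insider's seat makes the answer's second point concrete: both rows hold `hunter2`, yet the two records differ and neither contains the password, so nobody browsing the table learns what the boss reuses elsewhere. Each verification deliberately costs a fraction of a second, which is the price an attacker pays per guess if the table is ever stolen.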
