How to store passwords *correctly*?

余生分开走 2020-12-07 21:20

An article that I stumbled upon here in SO provided links to other articles which in turn provided links to even more articles etc.

And in the end I was left complet

6 answers
  •  星月不相逢
    2020-12-07 22:13

    Use:

    1. Hashed password storage
    2. A 128+ bit user-level salt, random, regenerated (i.e. you make new salts when you make new password hashes, you don't persistently keep the same salt for a given user)
    3. A strong, computationally expensive hashing method
    4. Methodology that is somewhat different (hash algorithm, how many hashing iterations you use, what order the salts are concatenated in, something) from both any 'standard implementation guides' like these and from any other password storage implementation you've written
