This post should have a nicer title, but I can’t find one. It’s about security factors and some misperceptions about them.
Some say that keeping passwords in a [web] application is a boring and trivial task: some hashing, maybe some salt, et voilà! However, storing passwords and other sensitive data might not be as simple as it seems. You’ll see a bunch of examples of what to do and what not to do, based on a freelancer’s experience. Watch and see whether you’re sitting on a bomb. This talk (in various formats) has been presented at Chamberconf, 4Developers, Devoxx Poland, Wrocław JUG, Coffee JUG Lviv, jLabs Academy and others.