I sent the developers home with a new assignment: Don't store passwords. Store hash values instead. They understood right away, saw it was a good idea, and agreed to do it that way. And I hope word gets around, because I hate to think we are perpetuating bad practices in the most important part of our software, the login.
Sign up for CIO Asia eNewsletters.