I feel that simply saying "hash" here is a little... irresponsible. Without mention of actually having some kind of work factor/key derivation/key stretching (owasp, wiki: key derivation, wiki: key stretching) it seems like fairly poor advice. Recommending only "using a salt" seems entirely insufficient.
Regarding: password storage
I feel that simply saying "hash" here is a little... irresponsible. Without mention of actually having some kind of work factor/key derivation/key stretching (owasp, wiki: key derivation, wiki: key stretching) it seems like fairly poor advice. Recommending only "using a salt" seems entirely insufficient.