Use proper hashing for passwords (Thomas)

[Zenexer]

@F-Torakuma, @AlecCItz is currently working on improving password security in issue #85. It's a big task but also very important, so I'd appreciate if you could follow the same process in parallel. As we get further along we'll merge your tasks into one so you can work on the code together, but for now I'd like you each to research independently and come up with a solution that we can implement quickly, easily, and securely.

Here's the original checklist:

• [ ] Research secure ways to salt and hash passwords in Java.
• [ ] Propose a solution in a comment on this issue. Note the hashing algorithm that you plan to use and what class you'll need to implement it. (Java already has many classes for this purpose.) If you plan to generate salt yourself, detail how you plan to do so securely. (The Random class is not secure enough for password hashing.) This doesn't need to be a long explanation; just some quick notes so we're all on the same page.
• [ ] I'll work with you to find any potential flaws in the plan.
• [ ] Modify the authentication code to use the new password system. You'll probably want to put the bulk of the code in one of the user classes (e.g., UserData_Table), then replace getPassword with something like checkPassword.

[dewskii]

@fredepd subscribe to this

[dewskii]

@AlecCItz @F-Torakuma Reference http://viralpatel.net/blogs/java-md5-hashing-salting-password/ Note: current link uses MD5, instead use SHA-1 or SHA-256(probably not)