Storing passwords security is an art and a science. In this episode, we'll talk with JP Aumasson, a highly respected cryptographer who's dedicated most of his professional life to making your passwords more secure. He ran the Password Hashing Competition, which just selected a new 'most secure' password hashing algorithm: Argon2. He's done thousands of hours of cryptanalysis, and he's a total security badass. This episode covers: How JP got into security stuff. What is the academic crypto community like? What's the difference between cryptographic hash functions and NON-cryptographic hash functions? Are MD5 and SHA1 secure? What are CPU and memory hard algorithms? What's wrong with bcrypt? scrypt? How do memory hard algorithms work? How did the Password Hashing Competition come to be? What is Argon2, and what makes it awesome? How should developers store passwords today in the most secure fashion? What new stuff is JP Aumasson doing next? What advice do you have for developers who want to get into the security field?