Interesting question: First, I'd have to ask why you're implementing a password encryption program to begin with,...
instead of letting an operating system or application manage this bit of information. I assume you're asking in the context of writing the application that will manage the encryption code itself.
The general contemporary thinking in this regard is not to put passwords in code, but to use certificates, like Kerberos, or trust relationship information, like Federation SAML assertions, in the code since any hacker with enough time and energy can eventually crack an encrypted password.
For more information:
Related Q&A from Randall Gamby
Simple photography cracking biometric systems highlights the need for two-factor authentication in enterprises according to expert Randall Gamby.continue reading
Bimodal IAM may be a new term, but this new way to use user credentials should probably already be in practice among secure organizations.continue reading
Reviewing credential dumps could potentially save identity information from being stolen and used in a data breach. Expert Randall Gamby explains why...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.