How should passwords be stored? The short answer is: DON’T! I see countless posts on reddit and around the web from people who are trying to figure out how to use PHP’s “new” password functions. These new functions are awesome in that they have finally made it so that those who are not security specialists can start managing passwords the right way. PHP’s password functions do things the right way and give us a means by which to ensure our sites can continue to stay secure.