http://www.perlmonks.org?node_id=456659


in reply to Security: balancing two conflicting password policies

If an intruder can access your source code, on your server, your _real_ problem is not the way you store your passwords.