Standards Use Hashing Use Salting Use in-transit encryption like TLS Enable password reset Use Password Manager Enforce Minimum Password Age