by chrismatheson 2319 days ago
Is it not possible to verify positional characters without storing in plain text?

Off the top of my head, something like storing your full password salted + hashed alongside each char salted + hashed.

1 comments

If you store an individual character hashed then it is trivial to brute force it. I don't think there is a bcrypt work factor that you could use that would prevent brute forcing but would allow the individual character to be used for authentication.
And if you know the first character of a two character password, it's trivial to brute force the second, and so on...
I would definitely expect it to be less secure, but not exactly plain text?
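
An added example, not part of the thread: it audits the per-character storage scheme proposed in the post and counts how many hash evaluations a leaked record takes to reverse, which is the cost the reply describes. PBKDF2 from the standard library stands in for bcrypt, and the function names, alphabet, iteration count and sample password are assumptions constructed for the demo.

```python
import hashlib
import hmac
import os
import string

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols (assumed)
ITERATIONS = 1_000  # constructed value, kept low so the demo runs quickly


def slow_hash(value: str, salt: bytes) -> bytes:
    """Salted, stretched hash (PBKDF2 standing in for bcrypt)."""
    return hashlib.pbkdf2_hmac("sha256", value.encode(), salt, ITERATIONS)


def enroll(password: str) -> dict:
    """The scheme from the post: full-password hash plus one hash per position."""
    full_salt = os.urandom(16)
    record = {"full": (full_salt, slow_hash(password, full_salt)), "chars": []}
    for ch in password:
        salt = os.urandom(16)
        record["chars"].append((salt, slow_hash(ch, salt)))
    return record


def verify_position(record: dict, index: int, ch: str) -> bool:
    """Server-side check for 'enter character N of your password'."""
    salt, digest = record["chars"][index]
    return hmac.compare_digest(slow_hash(ch, salt), digest)


def audit_record(record: dict) -> tuple:
    """Return (recovered string, hash evaluations needed) for a stored record."""
    recovered, guesses = [], 0
    for salt, digest in record["chars"]:
        for candidate in ALPHABET:  # each position is searched independently
            guesses += 1
            if hmac.compare_digest(slow_hash(candidate, salt), digest):
                recovered.append(candidate)
                break
    return "".join(recovered), guesses


if __name__ == "__main__":
    pw = "Tr0ub4dor&3"  # constructed sample password
    found, cost = audit_record(enroll(pw))
    print("recovered:", found == pw, "| evaluations:", cost)
    print("per-char bound:", len(pw) * len(ALPHABET), "| full-hash space:", len(ALPHABET) ** len(pw))
```

Raising the work factor multiplies the cost of a legitimate single-character check and of each guess by the same amount, so the search stays bounded by password length times alphabet size.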