by jervisfm 4678 days ago
Not sure why you're downvoted, but the idea of actually not storing passwords seemed intriguing to me, if it was actually possible.

I did a little bit of research and I found the Secure Remote Password protocol [1]. Interestingly, this protocol does appear to protect against the case of a stolen password database. If true, that would mean that when site X loses control of the password database, that would be OK as this is designed to be secure against that attack.

I wonder why it's not been implemented anywhere widely. Anyone more knowledgeable about the security field care to comment?

[1] - http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol
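A minimal SRP-6a exchange, added here as an illustration of the protocol the comment links to (it is not code from the commenter or from any SRP library). It uses a constructed toy group (N = 2**127 - 1, g = 5) and skips the final M1/M2 proof messages; the point it demonstrates is that the server's stored record holds only a salt and the verifier v = g^x, never the password itself.

```python
import hashlib
import secrets

# Toy group, constructed for this example only: N is the Mersenne prime 2**127-1,
# far too small for real use. Real deployments use the RFC 5054 groups.
N = 2**127 - 1
g = 5

def H(*parts) -> int:
    """SHA-256 over ints (big-endian) and byte strings, returned as an integer."""
    h = hashlib.sha256()
    for p in parts:
        h.update(p.to_bytes((p.bit_length() + 7) // 8 or 1, "big") if isinstance(p, int) else p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # SRP-6a multiplier

def register(username: str, password: str) -> dict:
    """Enrolment: the client derives x from salt and password and sends only
    the verifier v = g^x. The server never sees or stores the password."""
    salt = secrets.randbits(64)
    x = H(salt, f"{username}:{password}".encode())
    return {"username": username, "salt": salt, "v": pow(g, x, N)}

def run_exchange(record: dict, username: str, password: str) -> bool:
    """One SRP-6a login; returns True iff both sides derive the same key."""
    # Client: ephemeral a, public A = g^a
    a = 1 + secrets.randbelow(N - 2)
    A = pow(g, a, N)
    # Server: ephemeral b, public B = k*v + g^b (v is blinded by the multiplier k)
    b = 1 + secrets.randbelow(N - 2)
    B = (k * record["v"] + pow(g, b, N)) % N
    if A % N == 0 or B % N == 0:  # aborts required by the spec
        return False
    u = H(A, B)  # scrambling parameter, binds both ephemerals
    if u == 0:
        return False
    # Client side: only the client can compute x; S = (B - k*g^x)^(a + u*x)
    x = H(record["salt"], f"{username}:{password}".encode())
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server side: only the stored verifier is needed; S = (A * v^u)^b
    S_server = pow((A * pow(record["v"], u, N)) % N, b, N)
    # The real protocol exchanges proofs of H(S); comparing directly shows the agreement
    return H(S_client) == H(S_server)
```

A stolen record lets an attacker run an offline guess per candidate password, so the salt and a slow password hash still matter; what it does not give up is the password or a reusable credential.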


Yeah, I'm not sure either about the downvote. By not storing passwords I meant delegating to an external authority for authentication services. Whether that's OpenID, Persona, Facebook login, or direct OAuth integration with a limited number of parties (ex: GitHub and Google Plus) can be decided on a per-app basis. The important thing is that if your app's use case allows you to delegate authentication to an external party (again, it's a non-trivial "if" to decide this) then you don't have to store or deal with passwords at all (and by extension don't need to worry about handling password DB leaks or hashing algos).