I've been trying to learn the best practices on password "storage" and verification lately. I thought this was a really good step-by-step technical breakdown of the right way to hash passwords (I have no opinion/knowledge of the hashing algorithms in the article, but I've found a lot of other positive mentions of PBKDF2, bcrypt, and scrypt).
http://nakedsecurity.sophos.com/2013/11/20/serious-security-...