When storing password hashes should they be kept in a file or database? [closed]

Question

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.

Closed 9 years ago.

In a website that requires users to log on where are their password hashes stored? I'm thinking they could be stored in a text file or database. Also I plan on using Blowfish to produce the hash that will be saved. Is this a good idea?

Answer 1

They are stored in a database, this way they are far more accessible and easy to work with.