Security technology or product will NOT help us unless, we understand how to IMPLEMENT them securely. Don't take my word, here is what the hacker (behind more than 840 million account records appearing for sale on the Dark Web) told ZDnet , he obtained these records just last month, and that they all lacked strong encryption for their passwords.

With this latest credential dump, a total of 38 companies have found their users’ account data up for sale on the underground at the hands of Gnosticplayers. The six companies impacted this time are an eclectic bunch, comprising the GameSalad developer platform, a Brazilian Amazon-equivalent called Estante Virtual, project-management apps Coubic and LifeBear, and two Indonesian companies: The Bukalapak e-commerce giant and a student career site, YouthManual.

https://threatpost.com/fourth-credential-spill-dreammarket/142901/