29.01.2018 - The hash should be salted with a value unique to that specific login credential. Allow for third-party identity providers if possible A well designed user management system has low coupling and high cohesion between .