Hello and welcome to our final module in this course. In 2015, nearly 10 gigabytes of customer data stored by ashleymadison.com was leaked on the so-called dark web. This data included names, addresses, and phone numbers attached to Ashley Madison member profiles, and included credit card data and transaction information. Sensitive data exposure issues are important to know so that you can help protect your customer's data. Fundamentally, we want to be able to categorize the data that our application handles so that we can take appropriate measures to protect them. Some data might not be as sensitive as other kinds of data, such as credit card information. It is important to be able to think critically about the kinds of sensitive data that your web application will need to process and protect. The specific issues that we're going to discuss in this module include first, using Personally Identifiable Information, or PII, to basically create the session ID. The second issue is when the web application is not encrypting sensitive information using standards. A third issue is improperly storing passwords, and the specific technique that we're going to talk about in the lab. We'll show you a good way of handling passwords for your web application. The last issue that we're going to discuss is using HTTP for sensitive client-server exchanges instead of the more secure HTTPS. So by the end of this module, you will understand how to effectively store password related information and not to store the actual plain text passwords. You will also have a hands-on coding assignment that will help you to better understand the mechanisms for effectively storing password related information. Ready, let's go.