Why the best password security doesn't matter

You've built a rock-solid system. You use industry standard hashing (or better) - you salt your records and you ensure nothing is ever logged. It's built well and to specifications, according to many organizations. So why is this a problem? It's not your security you need to be worried about.…