Handling Password Authentication over a Network
I'm writing a game which requires users to log in to their accounts in order to be able to play. What's the best way of transmitting passwords from client to server and storing them?
I'm using Python and Twisted, if that's of any relevance.
The best way is to authenticate via SSL/TLS. The best way of storing passwords is to store them hashed with some complex hash like sha1(sha1(password)+salt) with salt.
If you want a plug'n'play solution, use py-bcrypt for storing passwords (http://www.mindrot.org/projects/py-bcrypt/) and SSL/TLS to protect them in transit.