When passwords are stored in clear text, they are vulnerable to being easily read and exploited in the event of a data breach. The BEST practice for remediation is to recommend that the organization hashes and salts each password before storage. Hashing transforms the password into a fixed-length string that resembles random data, while salting adds an additional unique value to ensure that even identical passwords result in different hashes, preventing the use of rainbow tables to reverse the hashing. Encryption alone is sometimes seen as a potential answer, however, if the encryption keys are compromised, encrypted passwords can be quickly decrypted. As for increasing password complexity, while a good practice, it is not the primary solution to the problem of storing passwords in clear text.