The "How We Roll" series by Clerk aims to guide product owners, developers, and security professionals in understanding the implementation of authentication, starting with passwords as discussed in Chapter 1. Despite their widespread use, password implementation is complex, requiring adherence to best practices in choosing, changing, storing, and migrating passwords. Clerk uses NIST guidelines to set an optimal minimum password length of eight characters and leverages databases like Have I Been Pwned to avoid breached passwords. Additionally, Clerk employs zxcvbn to assess password strength, allowing customizable complexity requirements. When users change or reset passwords, Clerk ensures security through user authentication and optional device sign-out. Passwords are securely stored using bcrypt, a standard hashing algorithm known for its computational expense, and Clerk supports migration from other hashing algorithms to bcrypt to maintain modern security standards. The chapter emphasizes that despite the complexity of password management, Clerk's API components provide secure and user-friendly solutions, allowing developers to focus on their core business.