While Application Security is a complicated issue and deserves a playbook of its own, software development companies and developers alike should start taking the first steps in the forefront of application security, and that involves, getting RID of homegrown password systems.