What should you do with successfully cracked passwords during a project?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

What should you do with successfully cracked passwords during a project?

Explanation:
When you crack passwords during a project, you want to capture them in a controlled, reusable way. Adding cracked credentials to a secure, centralized list or repository lets you reuse them for legitimate testing steps—verifying password policy enforcement, checking for impact across systems, and avoiding re-cracking the same passwords. Keep this list in a protected vault or repository with strict access controls and audit trails, so you can reuse them only within the authorized scope.

Deleting them would lose valuable evidence and hinder verification and retesting. Publicizing cracked passwords would breach confidentiality and policy. Encrypting and ignoring them defeats the goal of reuse; store them securely so you can access them for ongoing testing under proper authorization.
