The most catastrophic approach. Passwords stored as-is in a database or file. If the database is compromised, every password is immediately exposed. The 2009 RockYou breach exposed 32 million plaintext passwords because the company stored them without any protection.