How it works...

When it comes to protecting sensitive data, we need to minimize the risk of that data being leaked or traded; that's why correctly encrypting the stored information and protecting the encryption keys is the first thing to do. If it is possible not to store such data at all, that is the ideal option.

Passwords should be hashed with a one-way hashing algorithm before being stored in the database. This way, if they are stolen, the attacker won't be able to use them immediately, and if the passwords are strong and hashed with a strong algorithm, the attacker won't be able to crack them in a realistic time.

If we store sensitive documents or sensitive data in the document root of our server (/var/www/html/ in Apache, for example), we expose that information to direct download by its URL. So it's better to store it somewhere else and write dedicated server-side code that retrieves it when necessary, after an authorization check.

Also, services such as https://archive.org/ (the Wayback Machine) or the Google cache may pose a security problem when the cached copies contain sensitive information that was not adequately protected in previous versions of the application. So it is important to prevent the caching of those kinds of documents.
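As an added example (not code from the book), the handler below combines the two previous points: documents live in a directory outside the web root and are only read back by server-side code after an authorization check, with traversal-safe path resolution, and every response carries headers that tell browsers, proxies and crawler caches not to keep a copy. The storage directory, the per-document access list and the `(status, headers, body)` return shape are assumptions made for illustration; `make_sample_store` creates constructed sample files in a temporary directory so the code runs offline.

```python
import tempfile
from pathlib import Path
from typing import Dict, Optional, Set, Tuple

# Assumed storage location: deliberately NOT under the web root (e.g. /var/www/html).
PRIVATE_DOCS = Path("/srv/private-docs")

# Constructed sample access list: document name -> user ids allowed to read it.
DOCUMENT_ACL: Dict[str, Set[str]] = {
    "contract-2024.pdf": {"alice"},
    "payroll.csv": {"alice", "bob"},
}

# Headers that forbid storing the response in browser, proxy or crawler caches.
NO_CACHE_HEADERS = {
    "Cache-Control": "no-store, no-cache, must-revalidate, private",
    "Pragma": "no-cache",
    "Expires": "0",
    "X-Robots-Tag": "noindex, noarchive",
}


def resolve_document(name: str, base: Path = PRIVATE_DOCS) -> Optional[Path]:
    """Map a requested name to a file inside base; reject anything that escapes it."""
    candidate = (base / name).resolve()
    try:
        candidate.relative_to(base.resolve())  # raises ValueError on '../' escapes or absolute paths
    except ValueError:
        return None
    return candidate


def authorized(user: Optional[str], name: str, acl: Dict[str, Set[str]] = DOCUMENT_ACL) -> bool:
    """Deny by default: the user must be authenticated and listed for that exact document."""
    return user is not None and user in acl.get(name, set())


def serve_document(
    user: Optional[str],
    name: str,
    base: Path = PRIVATE_DOCS,
    acl: Dict[str, Set[str]] = DOCUMENT_ACL,
) -> Tuple[int, Dict[str, str], bytes]:
    """Return (status, headers, body) for a download request, checking authorization first."""
    if not authorized(user, name, acl):
        return 403, dict(NO_CACHE_HEADERS), b"forbidden"
    path = resolve_document(name, base)
    if path is None or not path.is_file():
        return 404, dict(NO_CACHE_HEADERS), b"not found"
    headers = dict(NO_CACHE_HEADERS)
    headers["Content-Disposition"] = f'attachment; filename="{path.name}"'
    return 200, headers, path.read_bytes()


def make_sample_store() -> Path:
    """Create a throwaway directory holding constructed sample documents for the demo."""
    base = Path(tempfile.mkdtemp(prefix="private-docs-"))
    (base / "contract-2024.pdf").write_bytes(b"%PDF-1.4 constructed sample document")
    (base / "payroll.csv").write_bytes(b"name,salary\nalice,1\nbob,2\n")
    return base


if __name__ == "__main__":
    store = make_sample_store()
    for user, doc in [("alice", "contract-2024.pdf"), ("bob", "contract-2024.pdf"),
                      (None, "payroll.csv"), ("alice", "../../etc/passwd")]:
        status, headers, body = serve_document(user, doc, store)
        print(user, doc, "->", status, headers["Cache-Control"], body[:20])
```

Two details matter here: the authorization check runs before any filesystem access, so an unauthorized or unknown document name never reaches the disk, and the `no-store` headers are sent on error responses as well, so neither a successful download nor an informative error page ends up in a cache that outlives the protection.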
