Thursday, August 19, 2004 09:03 AM
even if you encrypt it one can decrypt to get the password.
most places people store a hash of the password in the database. Use a hashing algorithm like hmacsha1. Everytime hash the password and compare the contents in the database.
even if the hash key is compromised one cannot decrypt the password.