I agree about the need for encrypting the passwords. It's easy to add this to MM. We added a PasswordSalt field to the Users table and lengthened the Password field length. The user's password is appended to PasswordSalt and then hashed using the .NET SHA1 functionality. Prior to calling Login or authenticating the user, just append the password that the userr entered to PasswordSalt and hash it. Then compare the hashed passwords.
Greg Lee
GCL Software