>Hello,
>
>I am using an encryption program to encrypt passwords in the application.
>The program must know the passphrase that is used for encryption.
>My question is: how should I store the passphrase? If I store the passphrase in a class property, it can easily be found. What is a more secure way to do this?
Just don´t use an encryption method that requires a passphrase, instead, store password hashes and compare the stored hash to the hash of the entered password.
Check this class for example:
http://espanol.geocities.com/jgoh_ingeniero/docs/criptopack/index.html#sha1Carlos Alloatti