>Hi,
>
>I am designing a new module where each user would have to be assigned a user name/id and password. This information will be stored in a SQL Server table. I have two questions:
>1. Is it acceptable practice to store the user name/id un-encrypted (readable by anyone)?
>2. What method of encrypting the password would you recommend (does not have to be Super Secure) that later can be used by another (e.g. .NET) application?
>
>TIA
Store hash of the password. this way nobody can decrypt it including you
--sb--