>>>Hi,
>>>
>>>I am designing a new module where each user would have to be assigned a user name/id and password. This information will be stored in a SQL Server table. I have two questions:
>>>1. Is it acceptable practice to store the user name/id un-encrypted (readable by anyone)?
>>>2. What method of encrypting the password would you recommend (does not have to be Super Secure) that later can be used by another (e.g. .NET) application?
>>>
>>>TIA
>>
>>
>>Store hash of the password. this way nobody can decrypt it including you
>
>First, thank you. If there is a simple example of how to hash a password, please let me know. For example, user wants his password to be '123'. How do you store it as hash to a table.field PassFile.UserPwrd?
https://crackstation.net/hashing-security.htm
--sb--