What you say is true... the passwords are clearly visible. This, in my opinion, is the single biggest flaw of the framework. I feel that this should be addressed within the framework - and hopefully it would be the topmost priority of any bug fix or enhancement to the framework.

Regards,
Carl.

>In the Users table the password is visible and not encrypted in any way.
>
>Is this a problem?
>
>Since I am not the administrator of our SQL Server can't administrators look at these tables and see those passwords?
>
>This application is for a Purchasing system and Internal Auditing would have a fit about this.
>
>Should I be developing a method to encrypt those passwords so no one can see them?
>
>Thanks.