Ah, you should not come up with your own encryption algorithm. There are a whole new set of encryption functions built into SQL Server 2005--including SQL Server Express. See http://www.databasejournal.com/features/mssql/article.php/3483931.

You should use one of the HashAlgorithm (SHA1 is most common) derived class to store password's hash value so there is no way for anybody to gain access to the original password. And then in application just compare hash values of entered password against one in the database.

Ah, you should not come up with your own encryption algorithm. There are a whole new set of encryption functions built into SQL Server 2005--including SQL Server Express. See http://www.databasejournal.com/features/mssql/article.php/3483931.

Hi,

You can simply store the hash code of thepassword rather than needing to encrypt it.

GetHashCode() of the string object returns the hash value. Store that value in the database and whenyour user types in their password compare the inputs hash code against the one stored in the database.