Thanks to all of you for the responses. apart from this password I will be storing some other things too(they too are passwords but for some other things in the application). I cant use one way hash as I cant use them further. what mechanism should I follow in this case?
Also, for the login case should I bother about encryption in the login form? Can I just use <input type="password"/> and rely on the brower? What are the pros and cons for this? If you see yahoo login, they generate md5 using javascript on the client side itself - is this really necessary? Thanks again. rf __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus � Powerful. Affordable. Sign up now. http://mailplus.yahoo.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
