Ivo P <mailto:ipletikosic at gmail.com> on Thursday, October 20, 2005 2:45 PM said: > You probably already know this but when it comes to logins there is > value in not storing passwords themselves. Instead store a hash of > the password so that if your app were cracked plaintext passwords > wont be revealed. Which is important not so much because the attacker will be able to log into your users' accounts on your website (considering he's already compromised your data) but because people tend to use the same passwords on many sites. Chris. p.s. Don't delete the entire (original) message when you reply since it makes it almost impossible for posterity to know the context of your email.