Should I encrypt a password and store it in the database?
Should I encrypt a password and store it in the database? No, You should never encrypt the password. You should Hash it with state of an art hash algorithm with a salt. Difference between encrypting and hash: 1. Encrypt: If an attacker has the decryption key then he can decrypt the passwords in seconds. This is mostly the case. 2. hash: The attacker has to brute-force each entry of the user to get their passwords.