How to decrypt / encrypt in the SQL server?

[anitalulu]

I have a "registration" table which stores username and password. I want to encrypt the username and password when retrieving them. Any suggestion?

 

[SemperFiDownUnda]

In general storing encrypted passwords is not a good idea. If the person can get to the encrypted passwords they are about as easy to use as if they where unencrypted. If the passwords are for your own system (not a 3rd party system and you are just holding the passwords for management) then I suggest using 1 way hash and store the password. Let me explain how it works

Joe bloggs logs in for the first time and the system ask him to enter a password (probably 2 times).
The system throws this thru a 1 way hash and stores the result in the database.
Next time Joe Bloggs logs in the password he enters is put thru the hash and the hashed password is compaired to the one in the database. If they are the same then the user is let in.

If the user forgets their password then you reset it to something and make them change it the next time they log in.

The benifit here is that if anyone gets to the database they can't derive the passwords from the hashed password. Though if they've gotten to the database at that level then you've got bigger problem on their hands.