Password encryption

Question

I am creating a login screen for an application in C#. In my login screen I am reading the username and password from the database and checking whether the entered username

Answer 1

Are you implementing your own authentication mechanism? You can use already existing System.Web.Security microsoft authentication. By using Membership class you can validate user password without retrieving it from the database. This way you will be able to store the salted (encrypted) password in your database. Just use Membership.CreateUser and Membership.ValidateUser. If you don't need (performance wise or proprietary implementation) use existing implementations and save time.