Store plain text passwords in the db?

[VBAHole22]

I am trying to authenticate users against a sql server db. I dont want to store peoples passwords in plain text in the db because I dont know who will be accessing it in the future. How can I avoid this? ANyone have some sample code for using SHA or something like that? Would I have to add another field in my db for the salt?

 

[Derek Stone]

[msdn]System.Security.Cryptography.SHA512Managed[/msdn]

 

[VBAHole22]

Yeah, I stumbled across that and it works great.
The only problem is that the wse2.0 AuthenticateToken method only returns string variables when you override it. This would produce byte arrays.

 

[Derek Stone]

[msdn]System.Convert[/msdn].ToBase64String()