Why Encrypt passwords - Decrypted ?
Hi,
I was surprised today by finding out that after encrypting the password with SHA1 using Security Assist, someone can simply copy and paste that encrypted password (if they got into my database full of passwords for users), into a website that will decrypt, and instantly show the password.
So my question is why Encrypt when it can be easily decrypted? I am asking this on a serious note, because I need a way to secure the passwords if you have suggestions please.
thanks,
ed