I have a VB6 application that stores a lot of passwords in the databasen. I
want to use these functions to Encrypt and Decrypt these passwords. I also
have a .NET application that is going to Encrypt/Decrypt the same passwords.
Is it possible ? These two applications is NOT ran on the same server. The
VB6 application is based on COM+ and the .NET application is a web
application.

--
Regards
Robert Vabo
Gecko AS
www.gecko.no

[quoted text, click to view]

Use an MD5 hash of the password. It is essentially a one-way encryption
(i.e. you can't decrypt it). This makes it safer for storage, and you
never have to decrypt for password verification anyway - just encrypt
password attempt (i.e. make an MD5 hash of it) and compare the two
hashes.

Note that I said "safer" not "safe". A brute-force approach can still
crack the passwords, so secure those tables properly.

Look at CryptCreateHash, CryptDestroyHash, CryptHashData.

cheers,
Ross.
--
Ross McKay, WebAware Pty Ltd