Khangharoth

May 15, 2007

Encryption of Password in Java

Filed under: Java — khangharoth @ 4:31 am

If you are developing a web application and managing user sessions on the basis of the user's password, the traditional way of storing the password as-is in a DB table is not very elegant. Anybody who has access to the DB can get those passwords. This problem is more acute than it seems, as most users keep the same login ID and password.

So in an era of outsourcing and remotely managed servers, with the traditional method of storing passwords you can never be sure who is peeking into the user information.

One very simple solution is to encrypt the password or, in technical terms, to generate a hash key corresponding to the password the user entered and store this in the database. When the user logs in again, take the entered value, convert it into a hash key and compare it with the value in the DB for authentication.

This is a very simple yet powerful approach. If your application demands more security, you should probably look at Jasypt.

PasswordService.txt
