Hi Karl, > > Yes you are correct. I do not store a plan text password. Great stuff - so many systems I've seen use plain-text passwords it's little wonder there's so much data theft. > If you cant read the encrypted text, you cant decrypt it right? Wrong. There are two-way encryption methods requiring the use of a common key, and an initialization vector for some protocols - see the mcrypt library which PHP can use (I had a play around with it quite recently.) http://uk2.php.net/manual/en/function.mcrypt-decrypt.php Regards, Andy -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php