Security

Try using MD5 as the encryption on the client side. You can change the password using the javascript code at http://pajhome.org.uk/crypt/md5/">http://pajhome.org.uk/crypt/md5. The tricky part is to use a unique "salt" value that is created when the page is created and used as part of the submit process. The stored password is encrypted with the same salt value on the server side and the value is compared with the calculated value from the client. I have used a date stamp like yymmddHHmmssfff or something like that to calc the salt value. Hope this helps.