I would like to know how useful it is to encrypt password and store it in DB. And decrypt it when I need it. My question is: Is it REALLY necessary to encrypt the password? I know it will be useful and more secure. However, what I really want to know is how much more secure will that be as compare to without encryption?
Perhaps if I put it this way, as question:
Is it REALLY necessary to encrypt password?
A. NO. Forget it! It is useless. Don't waste time!
B. It does not matter. It is good to encrypt it but without encryption, it is OK too! No big deal!
C. Yes. Encrypt it! You can't live without encryption! You must encrypt it!
I would hope the answer is B. Then I might just leave it as it is for now. However, if EXPERTS say C, then I will have to go for it.
Thanks in advance. :)