Passing authentication information in SOAP header as text strings is inherently insecure since the username and password are passed along in plain-text. That is, a nefarious hacker monitoring the network traffic could see the username and password sent along to the Web service. A better approach is to use a one-way hash function to encrypt the password. Please advise how to do this in least code possible in C#. Thanks.