How should I store a user's LDAP password in a cookie?

Backend · Unresolved · 2 replies · 516 views
野的像风 2021-01-14 14:49

So I have this black box authentication method, handed down to me from the accounts people, which basically amounts to ldap_bind($connection, $username, $password)

2 replies

    小蘑菇 (original poster)
    2021-01-14 14:59

    This will not really answer your question, but you should NOT store your users' passwords, not even encrypted.

    If you really, really have to do it, and the users understand that you are doing it, then store the password in a database of your application (encrypted, of course) and then send the user a cookie with a hash. When the user wants to log in, compare the hash to what you stored and only then send the unencrypted password to the LDAP. Never send the password (not even encrypted) to the user's machine.

    Again, this is a very bad practice. If the LDAP does not allow you to store sessions/passwords then there is probably a good reason for this.
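The server-side pattern the reply describes, as an added example that is not part of the question or the reply: the cookie carries only an opaque value, the password lives encrypted in the application's own store, and the LDAP bind happens on the server. It deviates from the reply in one respect, stated plainly: the cookie value is a fresh random token, not a hash of anything, and the store is keyed by a hash of that token so a database dump alone does not yield usable cookies. Assumptions: an in-memory dict stands in for the application database; an injected `ldap_bind(username, password)` callable stands in for PHP's `ldap_bind($connection, $username, $password)`; and, to stay standard-library only, encryption at rest is an HMAC-SHA256 keystream with an encrypt-then-MAC tag, which in production you would replace with a real AEAD (AES-GCM, libsodium secretbox). The `now` parameters exist so expiry can be tested deterministically.

```python
"""Opaque-token session store: the cookie never contains the password."""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Assumption: in production this key comes from a KMS or environment secret and
# is never stored next to the database it protects. Generated fresh here.
SERVER_KEY = secrets.token_bytes(32)
TOKEN_TTL_SECONDS = 15 * 60  # short lifetime limits the window of a stolen cookie


def _subkey(label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from the server key."""
    return hmac.new(SERVER_KEY, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stdlib stand-in for a real AEAD cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_secret(plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ks = _keystream(_subkey(b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_secret(blob: bytes) -> bytes:
    """Verify the tag in constant time before touching the ciphertext."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("credential blob failed integrity check")
    ks = _keystream(_subkey(b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


@dataclass
class StoredCredential:
    username: str
    encrypted_password: bytes
    expires_at: float


# Assumption: this dict stands in for the application database.
# Keyed by SHA-256(token) so a leaked table does not contain valid cookie values.
_SESSIONS: Dict[bytes, StoredCredential] = {}


def _token_key(token: str) -> bytes:
    return hashlib.sha256(token.encode("utf-8")).digest()


def issue_cookie(username: str, password: str, now: Optional[float] = None) -> str:
    """Store the encrypted password server-side and return the opaque cookie value.

    Set it with Secure; HttpOnly; SameSite=Strict. The value is random and
    reveals nothing about the password even if the cookie is captured.
    """
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _SESSIONS[_token_key(token)] = StoredCredential(
        username, encrypt_secret(password.encode("utf-8")), now + TOKEN_TTL_SECONDS
    )
    return token


def bind_with_cookie(token: str, ldap_bind: Callable[[str, str], bool],
                     now: Optional[float] = None) -> bool:
    """Look up the cookie's session, decrypt on the server, and bind to LDAP."""
    now = time.time() if now is None else now
    key = _token_key(token)
    entry = _SESSIONS.get(key)
    if entry is None:
        return False
    if now >= entry.expires_at:
        _SESSIONS.pop(key, None)  # expired: drop the stored credential
        return False
    password = decrypt_secret(entry.encrypted_password).decode("utf-8")
    return ldap_bind(entry.username, password)  # plaintext never leaves the server


def revoke_cookie(token: str) -> None:
    """Logout: remove the stored credential so the cookie is useless afterwards."""
    _SESSIONS.pop(_token_key(token), None)
```

On the design: the only thing that crosses to the browser is `token`, so a stolen cookie is worth exactly as long as `TOKEN_TTL_SECONDS` and nothing after `revoke_cookie`; the encrypted blob is bound to the server key, so copying the session table to another host yields nothing without that key. Whether a password should be stored at all is a separate question, and the reply's answer to it stands.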
