Password encryption

Question

I am creating a login screen for an application in C#. In my login screen I am reading the username and password from the database and checking whether the entered username

Answer 1

The password should be stored in database with encrypted value itself. And when user tries to login, encrypt the password with the same algorithm and then compare it to the value in db.

Md5 is usually used for password encryption as it cannot be decrypted. Incase the user forgets the password, he cannot retrive it back, but it can only be reset.

Hope this helps !