My answer would basically be same as OriginalGriff.
* When it comes to passwords, we should never store them in plain text.
* Nor they should be stored encrypted.
* They should always be stored as a hash value.
* Also, the password hashing process(at the time of registration) and checking the hash(at the time of login) should not be in the database procedures. It should always be in the application.
* If there are multiple applications that want to use the same db for authentication, either have the registration and login functionality pushed inside a class library or a Service.
For more details on why to store hashes and how to store and compare them, please see the below article.
A Beginner's Tutorial for Understanding and Implementing Password Hashing and Salting[
^]