How can we hash the passwords in an already existing database? The passwords in the database are in clear text, which is a security issue. I don't want to use the in-built SQL Server hash functions, but create my own application for hashing the passwords. I was thinking of creating another column of datatype varbinary(16) -MD5 hash- and storing the hashed values there and deleting the cleartext password column.
ALso, I read that salting is very important. What do you guys think? Any ideas are most welcome.