You should never ever decrypt a password. You should never develop a system where a password needs to be decrypted, or where a password needs to be stored, or where there is a possibility that any person can know a password created by a user. Such practices are unsafe and never needed. If you think about it, you will understand that the original password is absolutely not needed for authentication.
Disagree? Feel puzzled? Keep reading.
One of the ways of solving this problem which is usually used is calculation of a
cryptographic hash function in both cases and storing the hash. If you want to say that this stored value is just the encrypted password, think again. The big difference is: the cryptographic hash cannot be decrypted at all, this is a
one-way function. So, it's
infeasible to calculate a password from hash (and, of course, it has nothing to do with system permissions: this is equally infeasible for anyone). And this is not needed: you just store hash and compare hash with hash.
Please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^],
http://en.wikipedia.org/wiki/Computational_complexity_theory#Intractability[
^].
[EDIT]
The algorithms you need are already available in .NET:
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm.aspx[
^].
Don't use MD5 or SHA-1 — they are found to be broken; better use one from the SHA-2 family:
http://en.wikipedia.org/wiki/MD5[
^],
http://en.wikipedia.org/wiki/SHA-1[
^],
http://en.wikipedia.org/wiki/SHA-2[
^].
[END EDIT]
Please see my past answers:
storing password value int sql server with secure way[
^],
Decryption of Encrypted Password[
^].
—SA