@Bishma who stores passwords in a format that can be decrypted? they should be stored with a one-way hash