best encryption method

What is the most standard encryption technique used in sql server for开发者_如何转开发 asp.net c# enterprise level application? . i am talking with respect to standards like md5 or sh1 etc, hashing

What you describe is called hashing, not encryption.

I think you can use some form of SHA-2, possibly after concatenating with a 'salt' string. Most common platforms provide built-in functions for such hashing algorithms. Details: http://en.wikipedia.org/wiki/SHA-2

• Enterprise applications don't store passwords. They use NTLM/Kerberos integrated security and rely on impersonation and constrained delegation to secure access end-to-end.
• Hashing and/or encryption as a means to protect against accidental media loss is much better served with Transparent Data Encryption, which encrypts an entire database transparently.
• Password hashing against a compromised host disclosure of passwords which opens the potential of password reuse on unrelated sites can use built-in hashing functions like HashBytes. As long as the hash is properly used (correctly salted). But with a compromised host the battle is already lost.

I've generally found Md5 (with salt) to be quite common.

However

I've seen time and time again, where the login page(s) are done via standard http! This is a bigger concern then someone hacking into web-server/ SQL box and getting hold of the passwords.

Read about the Cookiemonster Attack for more information regarding 'Man in the Middle' type security issues.