in reply to How to Encrypt Authentication and Data to DB?

First of all, seriously consider using LDAP (a.k.a. Microsoft OpenDirectory) instead. This is probably the most widely used strategy for centralized management of authentication and authorization throughout an enterprise, and its use generally requires the construction of no software at all. There are plenty of administrative consoles out there which a security department can easily use to manage this information across all systems, and there is nothing to invent nor particularly to write.

Secondly, it is most common to store one-way-hashed values (SHA1 is recommended today over MD5) in any database store. These functions produce a “digital signature” which is extremely sensitive to changes but which cannot be reversed. Hashed values, not plaintext, are the only thing sent across the wire (which should nonetheless be an encrypted, e.g. VPN, connection).

Re^2: How to Encrypt Authentication and Data to DB?
by stonecolddevin (Parson) on Jan 28, 2015 at 23:13 UTC

    (SHA1 is recommended today over MD5)

    Use Crypt::Eksblowfish::Bcrypt if you're doing any sort of encryption like this.

    I mean, MD5 shouldn't even be mentioned in encryption context.

    Three thousand years of beautiful tradition, from Moses to Sandy Koufax, you're god damn right I'm living in the fucking past
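
A sketch of password storage with the Crypt::Eksblowfish::Bcrypt module named in the reply above. This is an added example, not code from either poster. The helper names, the cost of 12, reading the salt from /dev/urandom (Unix-like systems) and the sample password are assumptions.

```perl
use strict;
use warnings;
use Encode qw(encode_utf8);
use Crypt::Eksblowfish::Bcrypt qw(bcrypt en_base64);

# 16 random salt bytes from the OS CSPRNG (assumes /dev/urandom exists).
sub random_salt {
    open my $fh, '<:raw', '/dev/urandom' or die "cannot open /dev/urandom: $!";
    my $n = read($fh, my $salt, 16);
    close $fh;
    die "short read from /dev/urandom" unless defined $n && $n == 16;
    return $salt;
}

# Returns a string such as '$2a$12$<22-char salt><31-char hash>'.
# Cost and salt are embedded, so this one string is all the DB stores.
sub hash_password {
    my ($password, $cost) = @_;
    $cost //= 12;    # assumed work factor; raise as hardware allows
    my $settings = sprintf('$2a$%02d$%s', $cost, en_base64(random_salt()));
    return bcrypt(encode_utf8($password), $settings);    # bcrypt wants octets
}

# Recompute with the stored cost and salt, then compare without an
# early exit so timing does not reveal how many characters matched.
sub verify_password {
    my ($password, $stored) = @_;
    # bcrypt() dies on a malformed settings string; treat that as a mismatch.
    my $candidate = eval { bcrypt(encode_utf8($password), $stored) };
    return 0 unless defined $candidate
        && length($candidate) == length($stored);
    my $diff = 0;
    $diff |= ord(substr($candidate, $_, 1)) ^ ord(substr($stored, $_, 1))
        for 0 .. length($stored) - 1;
    return $diff == 0 ? 1 : 0;
}

# Constructed sample input.
my $stored = hash_password('correct horse battery staple');
print "stored:       $stored\n";
print "right guess:  ", verify_password('correct horse battery staple', $stored), "\n";
print "wrong guess:  ", verify_password('Tr0ub4dor&3', $stored), "\n";
print "corrupt row:  ", verify_password('anything', 'not-a-bcrypt-hash'), "\n";
```

Hashing the same password twice yields different strings because each call draws a fresh salt, so identical passwords are not visible as identical rows in the database.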