From what your saying I think.... Use MySql, its is small application so ...Add a 'users' table, In its simplest form it should consist of a user name and password. For the password encrypt it and store it (easiest is to use a MD5 hash, it is a 1 way encryption process)When a user logs in and enters there password, you encryprt what they enter and compare it to what is stored in the DB. If you do not need the extras like commit/rollback MySql is brilliant, personally my company use Sybase but for small scale applications MySql does the job.. HTH !!