One possible option would be to generate hash value of the password and validate against the hash for a given username stored in the database through a persistent, pre-authenticated connection. ( similar to unix passwords...)