Typically with password authentication, one doesn't check that the value you have stored equals the value that the user just tried, but rather the encrypted versions of them compare equal.
thor
Feel the white light, the light within
Be your own disciple, fan the sparks of will
For all of us waiting, your kingdom will come
Comment on Re: Reversing MySQL's password function