I need to create a password verification program for a web application, and I'm not really sure where to start. Does anyone have any suggestions on what I should/need to do, particularly how I should store (and encrypt) the user data, and how to keep the sessions secure. Thanks.