Hacker News
by shaydoc 5471 days ago
What bank do you work for, Looney Tunes Acme Bank? Did your "senior programmer" dude never hear of salt and SHA1-Hash, fairly trivial to do?
2 comments

It is amazing that a "senior" guy would resist something as simple as hashing a password.

That said, salting a simple hash is not nearly as effective as people think. Given the computing power of modern GPUs, you should use bcrypt:

http://codahale.com/how-to-safely-store-a-password/
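The point in the comment above, as an added example that is not part of the original thread: a salt stops precomputed tables but does nothing to the cost of a single guess, while a tunable-cost hash does. PBKDF2 from the Python standard library stands in for bcrypt here (a substitution made so the example has no third-party dependency); the iteration count, function names and sample password are assumptions.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 200_000  # assumed work factor for this demo; tune per hardware


def salted_sha1(password: str, salt: bytes) -> bytes:
    """Salt + one SHA-1 pass: the scheme named in the thread."""
    return hashlib.sha1(salt + password.encode()).digest()


def slow_hash(password: str, salt: bytes, iterations: int = PBKDF2_ITERATIONS) -> bytes:
    """Tunable-cost hash (PBKDF2 here, standing in for bcrypt)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def make_record(password: str) -> dict:
    """Create a stored record: random per-user salt, cost, and derived hash."""
    salt = os.urandom(16)
    return {"salt": salt, "iterations": PBKDF2_ITERATIONS,
            "hash": slow_hash(password, salt)}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and cost; compare in constant time."""
    candidate = slow_hash(password, record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["hash"])


def seconds_per_guess(hash_fn, rounds: int) -> float:
    """Average wall-clock cost of one hash, i.e. one offline guess."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(rounds):
        hash_fn(f"guess-{i}", salt)
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    record = make_record("correct horse")  # constructed sample password
    print("verify ok:", verify("correct horse", record))
    fast = seconds_per_guess(salted_sha1, 20_000)
    slow = seconds_per_guess(slow_hash, 3)
    print(f"salted SHA-1: {fast * 1e6:.2f} us per guess")
    print(f"PBKDF2 x{PBKDF2_ITERATIONS}: {slow * 1e3:.1f} ms per guess")
    print(f"cost ratio: {slow / fast:,.0f}x")
```

Storing the iteration count beside the salt lets the work factor be raised later without invalidating existing records.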

bcrypt it is...
I know of one major core financial provider that doesn't encrypt their home banking passwords either.

It's probably more common than we think.