Is there some standard one follows for encrypting one's user's
information? I would think that failing to do so could result in
liability issues for not taking "standard precautions" against
identity theft... so what standards are there out there?
Re: who uses what for encrypting passwords any more?
There's lots of standards - crypt, md5, 3DES. And there's been lots of
discussions about how best to implement these in PHP - see
for more info.