Please see my comment to the question to understand that you should not expect your work done for you. Also, your school gives you a chance to learn something. Later on, you just might not have enough time to learn all you want, so use this chance well — life is too short.
Some general recommendations:
Passwords are not stored anywhere; this is absolutely not needed for authentication.
Disagree? Feel puzzled? Keep reading.
One of the ways of solving this problem which is usually used is calculation of a
cryptographic hash function in both cases and storing the hash. If you want to say that this stored value is just the encrypted password, think again. The big difference is: the cryptographic hash cannot be decrypted at all, this is a
one-way function. So, it's
infeasible to calculate a password from hash (and, of course, it has nothing to do with system permissions: this is equally infeasible for anyone). And this is not needed: you just store hash and compare hash with hash.
Please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^],
http://en.wikipedia.org/wiki/Computational_complexity_theory#Intractability[
^].
Don't use MD5 or SHA-1 — they are found to be broken; better use one from the SHA-2 family:
http://en.wikipedia.org/wiki/MD5[
^],
http://en.wikipedia.org/wiki/SHA-1[
^],
http://en.wikipedia.org/wiki/SHA-2[
^].
Please see my past answers:
storing password value int sql server with secure way[
^],
Decryption of Encrypted Password[
^].
—SA