No, you never need to store a password. There is no a "secure way". Storing a password anywhere is never needed for authentication purposes. Think about it: does anyone (except the user who owns the password) needs to know the password, ever? All authentication needs is to make sure, that the string entered by a authenticated user is the same that this user entered in the process of password creation. From the first glance, it looks like knowing of the password, but in fact this is not true. What to do this exercise in logic?
One of the ways of solving this problem which is usually used is calculation of a
cryptographic hash function in both cases and storing the hash. If you want to say that this stored value is just the encrypted password, think again. The big difference is: the cryptographic hash cannot be decrypted at all, this is a
one-way function. So, it's
infeasible to calculate a password from hash (and, of course, it has nothing to do with system permissions: this is equally infeasible for anyone). And this is not needed: you just store hash and compare hash with hash.
Please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^].
Everything else depends on your platform, languages, the libraries you use and other detail you did not share with us. See also the article referenced by
shorkie in Solution 1.
—SA