Prasad is right, this is not how secret authentication is done. You should not really encrypt the password, but you can instead use a cryptographically strong hash function:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^].
Now, you don't need to ever store a password anywhere. Instead, you should store passwords' hash value and compare hash to hash. So, the user creates password for a very first time. JavaScript creates its hash and delivers the value to the server side where it is stored. Next time, when a use is authenticating, it sends only the hash, and then the server side compares hash to hash.
I really strongly advise to use SHA256 (in particular, MD5 and SHA1 family of algorithms are found vulnerable):
http://en.wikipedia.org/wiki/SHA256[
^].
You can use JavaScript implementation of the algorithm. For example, here:
http://www.webtoolkit.info/javascript-sha256.html[
^].
And .NET provides comprehensive implementation if its BCL:
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm.aspx[
^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.sha256.aspx[
^].
[EDIT]
Please see the comment by ryanb31: this along won't be enough, as the hash value sent can also be eavesdropped by spying on IP packages and then the user post can be imitated. So, it needs SSL. However, I explained the principles of using the cryptographic hash.
—SA