@shadowfacts

Just make sure the decryption key is not the same hash as used for authentication and not stored anywhere :)