Storing password in session

I am considering storing user-entered password in session state. Are there any security risks or issues that I need to be aware?

Solution

Yes. This is just a really bad idea. You shouldn't even store passwords in a database - best practice is to store hashes of passwords instead. So you can validate the password but if somebody gets access to the database (or session state in your case), they don't actually have the user's password.

Why does the default ASP.NET MVC 3 project not use controllers?
login/logout issue for multiple IIS applications under the same site
Why does membership IsApproved set itself to false?
Why does View.Title == ViewData["Title"] result in an error: "The name 'View' does not exist in the current context"?
500.19 - Internal Server Error - The requested page cannot be accessed because the related configuration data for the page is invalid (0x80070005)
You must specify a valid JavaScript API Domain as part of this key's configuration, in LinkedIn
One of two properties is required from the data model
Determine if View is being rendered as Partial
ASP.NET MVC 3 Display Template problem
How to use jQuery to set value of an input element generated by ASP.NET MVC?
Error MSB3541: Files has invalid value
How to use jQuery datatable plugin
Javascript not working in Partial View
MVC3/Razor: cshtml.Execute()': no suitable method found to override
Templates can be used only with field access, property access, single-dimension array index error
The request URL is invalid in IIS 7
How can I modify LabelFor to display an asterisk on required fields?
Localhost not working in chrome and firefox
Prevent Caching in ASP.NET MVC for specific actions using an attribute
How do I define a method in Razor?
Why is JsonRequestBehavior needed?
Extract metadata from website ASP.NET MVC3
Ajax WebGrid Paging MVC3
Implementing a switch statement in a CSHTML page
How can i do paging in asp.net mvc3?
Paging in a scaffolding view MVC3
how to set up routing for paging in asp.net mvc3 app
Razor Nested WebGrid
SMTP server can't send emails from hosting c# asp.net
Does anyone have a working sample of json paging for mvc3 webgrid?