How to authenticate the encrypt password with inp

Posted 2019-09-17 17:00

Question:

Here we call webapi service from mobile application to authenticate the userid and encrypted password in database. So to authenticate I encrypt the input password and compare with database password?

Another question: Is it correct what I am doing? Or is it a better way to decrypt the database password value and check with input value. If second way is better, how can I do that?

Below is my code:

    using (LoginServiceEntities context = new LoginServiceEntities())
    {
        var crypto = new SimpleCrypto.PBKDF2();
        var encrypass = crypto.Compute(Password);
        var user = (from u in context.user_master
                    where String.Compare(u.UserID, UserID, StringComparison.OrdinalIgnoreCase) == 0
                          && u.Password == encrypass
                    select u).FirstOrDefault();

        return user != null;
    }

Answer 1:

Password in database should not be decrypted. What you are doing is correct. Just compare the encrypted password in database with the encrypted input.
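
An added example, not code from the question or the answer, and using .NET's built-in `Rfc2898DeriveBytes` instead of SimpleCrypto: with a salted PBKDF2 hash, the input password has to be hashed with the salt stored for that user before the comparison, so the row is fetched by user ID first and the hashes are compared in constant time. The `StoredUser` record, its `Salt`/`Iterations`/`Hash` fields, the in-memory dictionary standing in for `user_master`, and the parameter values are assumptions for illustration; .NET 6 or later is assumed.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Constructed stand-in for a user_master row; Salt, Iterations and Hash are assumed columns.
record StoredUser(string UserID, byte[] Salt, int Iterations, byte[] Hash);

static class PasswordCheck
{
    // Assumed parameters for this example, not values taken from the page.
    const int SaltBytes = 16, HashBytes = 32, DefaultIterations = 600_000;

    static byte[] Derive(string password, byte[] salt, int iterations) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, HashAlgorithmName.SHA256, HashBytes);

    // Registration: a fresh random salt per user, stored next to the hash.
    public static StoredUser Register(string userId, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes);
        return new StoredUser(userId, salt, DefaultIterations, Derive(password, salt, DefaultIterations));
    }

    // Login: look the row up by user ID only, re-derive with that row's salt, then compare.
    public static bool Verify(IReadOnlyDictionary<string, StoredUser> users, string userId, string password)
    {
        if (!users.TryGetValue(userId, out var row))
        {
            // Unknown user: still run one derivation so response time does not reveal which IDs exist.
            Derive(password, new byte[SaltBytes], DefaultIterations);
            return false;
        }
        byte[] candidate = Derive(password, row.Salt, row.Iterations);
        // Constant-time comparison of the two hashes.
        return CryptographicOperations.FixedTimeEquals(candidate, row.Hash);
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample data; user IDs are matched case-insensitively, as in the question.
        var users = new Dictionary<string, StoredUser>(StringComparer.OrdinalIgnoreCase);
        users["alice"] = PasswordCheck.Register("alice", "correct horse battery staple");

        Console.WriteLine(PasswordCheck.Verify(users, "ALICE", "correct horse battery staple"));
        Console.WriteLine(PasswordCheck.Verify(users, "alice", "wrong password"));
        Console.WriteLine(PasswordCheck.Verify(users, "bob", "anything"));
    }
}
```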