The best solution would be to use salted hashing technique.
This technique ensures that even if someone reads the memory the password is not visible in clear text. Also, it is impossible to retrieve the password as the attacker would require the salt that was used to hash the password before transmission.
http://palisade.plynt.com/issues/2004Aug/passwords-in-memory/
http://plynt.com/blog/2006/06/sending-salted-hashes-just-got/