1. OTP may not be secure if you use small 'pads' or numbers (like less than 1000 chars). Weigh security against userfriendliness. PGP can compensate for too small info.
2. I don't think I have to mention that security is as strong as the weakest link, but just to be sure.
3. Chars are easy to convert to numbers, eg see CGIPack.
4. Or if you have 8 chars in the 0-255 ASCII range, just use pack/unpack once (quad integer, 64 bit platforms) or twice (long integer). If you have an 8-digit integer, short is enough.

Hope this helps,

Jeroen
"We are not alone"(FZ)