I have seen the password is not codified in the database. This could be a dangerous problem. Don't think?
I like methods like phpBB to codify the password. They use a database field of 32 caracters. When a user is registering, phpBB use php md5() function to codify and save in database.
I think it could be more secure.