Originally Posted by ShaneC
Beyond that security is huge. Even with storing in a database you should still hash the passwords to protect but your site and your users. I would recommend using the SHA-2 hashing function as things like SHA-1 and MD5 can be cracked.
I agree, but FYI, all three of those can be cracked, even SHA-2 can be cracked. They are all one-way hash based encryption routines, and even though they are a "one-way" (meaning they cannot be un-encrypted back to original) hash encryption they can be brute forced using a comparison hacking program like Jack the Ripper or another such program. All can be hacked if you can get the encrypted version to compare against. "Quoted from Applied cryptography by Bruce Schneier"
So in short they are harder to crack but can still be cracked. But for better security do it the way we just stated man. Security is the key.