[Noah]

To secure that password, php has the wonderful
string md5 ( string str [, bool raw_output]) (<--Look, a syntax guide!<--)
function. It uses the md5 encryption technique to convert a text string into 32 char long alphanumeric string. Just store the password md5 encrypted. Whenver they log in, run md5 on thier password and then compare it to the database stored string. It's that simple!

One more thing to note: storing a password as an md5 hash means it is CasE SEnSetiVe, so you should make that obvious to your users. (Otherwise you will get lots of calls from people who can't log in. Trust me on that one.