Do not store users' passwords in plain text, store hash of password instead. But only hashing is not enough, use one of these techniques, to make your users' data more protected:
- simple way:
passwordHash = hash( hash(passwd) + salt )
- better one - will produce different hashes for users with the same passwords:
passwordHash = hash( hash(userid) + hash(passwd) + salt )
- another one - salt is a random value for each user
passwordHash = hash( hash(passwd) + salt(userid) )