Actually, don't store passwords at all. Instead store a hash of the salted password (md5 is ok, but see http://crackstation.net/hashing-security.htm) then match the password hash against the hash of the entered salted password. And then use the security tips offered above for storing the password hashes.