Passwords are currently stored as MD5 one-way hashes. The password is not stored in clear text, but with rainbow tables it is very easy to find a password that matches a given MD5 hash.
- Use a salted hash
- Use the SHA-512, SHA-256 or SHA-1 hashing algorithm
- Migrate existing unsalted passwords on the fly
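
The three items above combined into one login-time check, as an added example that is not the project's own code. The `ssha512$salt$digest` storage format, the function names and the in-memory `store` dict are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

SCHEME = "ssha512"  # hypothetical tag marking records already migrated


def legacy_md5(password: str) -> str:
    """Existing format: bare hex MD5 of the password, no salt."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def salted_sha512(password: str, salt: Optional[bytes] = None) -> str:
    """New format: scheme$salt_hex$sha512(salt || password)."""
    salt = os.urandom(16) if salt is None else salt  # fresh salt per record
    digest = hashlib.sha512(salt + password.encode("utf-8")).hexdigest()
    return f"{SCHEME}${salt.hex()}${digest}"


def verify_and_migrate(store: dict, user: str, password: str) -> bool:
    """Check a login; upgrade a legacy MD5 record in place on success."""
    stored = store.get(user)
    if stored is None:
        return False
    if stored.startswith(SCHEME + "$"):
        # Already migrated: recompute with the stored salt and compare.
        _, salt_hex, _ = stored.split("$")
        candidate = salted_sha512(password, bytes.fromhex(salt_hex))
        return hmac.compare_digest(candidate, stored)
    # Legacy record: the clear-text password is only available at login,
    # so this is the one moment the record can be re-hashed with a salt.
    if hmac.compare_digest(legacy_md5(password), stored):
        store[user] = salted_sha512(password)
        return True
    return False


if __name__ == "__main__":
    # Constructed sample data: two users sharing one password.
    users = {"alice": legacy_md5("correct horse"),
             "bob": legacy_md5("correct horse")}
    print(users["alice"] == users["bob"])   # identical unsalted hashes
    verify_and_migrate(users, "alice", "correct horse")
    verify_and_migrate(users, "bob", "correct horse")
    print(users["alice"] == users["bob"])   # salts make the records differ
```

Accounts that never log in again keep their MD5 record, so a migration like this needs a follow-up for stale records, such as forcing a password reset.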