Security is a tricky subject. In fact, we should never assume that we know security. The way we store passwords in a database is an example of how we might do things the wrong way. We may think of storing the MD5 hash of a password, but this is very unsafe, as an attacker could use a rainbow table to retrieve the password.

Here are two interesting entries on Stack Overflow:

What they recommend is storing the salted hash of the password. The salt should be different for each password, and it should be a random ASCII string stored along with the hashed password.
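A sketch of that recommendation, added here as an example and not taken from the Stack Overflow entries: each password gets its own random ASCII salt, stored in the same record as the digest. It goes one step beyond a single salted hash by using PBKDF2-HMAC-SHA256 from Python's standard library; the record layout `iterations$salt$digest`, the function names and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor for this example; tune for your hardware


def unsalted_md5(password: str) -> str:
    """The unsafe scheme from the text: equal passwords give equal digests."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str) -> str:
    """Return 'iterations$salt$digest' using a fresh random ASCII salt."""
    salt = secrets.token_hex(16)  # 32 ASCII hex characters, unique per password
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt.encode("ascii"), ITERATIONS
    ).hex()
    return f"{ITERATIONS}${salt}${digest}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    try:
        iterations, salt, expected = record.split("$")
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt.encode("ascii"), int(iterations)
        ).hex()
    except (ValueError, OverflowError):
        return False  # malformed record: reject instead of raising
    return hmac.compare_digest(candidate.encode("ascii"), expected.encode("utf-8"))


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    pw = "correct horse battery staple"
    print("MD5 digests equal:", unsalted_md5(pw) == unsalted_md5(pw))
    alice, bob = hash_password(pw), hash_password(pw)
    print("salted records differ:", alice != bob)
    print("right password:", verify_password(pw, alice))
    print("wrong password:", verify_password("guess", alice))
```

Because the salt differs per record, a table precomputed for one salt does not help against any other record, and identical passwords no longer show up as identical digests in a leaked table.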