There's a good trick I saw while I was reading a project. The passwords were stored in the database after encryption. When we write the login page, we will get the password from the user,then encrypt it to compare it with the password stored in the database. Look, the data is more secure. I'm not sure if this technique has other disadvantages but I think it's better than to store the password only as it is.