No "encryption" needed in database
In your form you define the password field as being encrypted. That means that when the POST is made from the form the value typed in is immediately encrypted, then stored in the database as hex.
Therefore the database field only has to store characters - there is nothing special about the defintion of that field, it should be type "varchar" of 40 characters.
When the password is read for validation at login, the process is ...
- password entered by user as plain text
- it is then encrypted on POST
- the password is read from the value stored in the database (also encrypted)
- the two values are compared
- resulting action
Hope that helps and I hope I am right. I only dealt with all this myself for the first time yesterday, it wasn't easy, and I've been doing this stuff since the days of Noah. If you haven't found it, it is more than useful to download the sample tables where the table "visitors" shows you the table structure you need.