thanks eric, i register users myself straight into the database, so maybe i will create a form and do it from there so it is encrypted.
other than that is there a way to show the encrypted version of a password?
maybe an online site converter?
also one last thing if you dont mind, is it best to use sha1?
is it an issue not to use any encryption?
many thanks