in reply to Encryption 101

  1. Encrypt it on the client side, for instance by using SSL.
  2. Decrypt it on the server side.
  3. Encrypt it again (usually using a different method, say crypt). Store the encrypted password, and don't use a reversible encryption process.
  4. Don't send unencrypted passwords by email.

Abigail