I would like to thank all of you for your help in understanding encryption and security better. What I grasped from all your responses is:
Encrypt but never decrypt and just compare enycrypted keys
Resend new password to email instead of decrypting their current password if they forget
never leave any file unencrypted that could be used agains the script (well--duh :p )
Use a module like Crypt::PasswdMD5
Thanks for your help everyone, I'm off to look at encryption modules now :) This will be a lot of fun and be prepared for lots more security questions in the future :)
"Age is nothing more than an inaccurate number bestowed upon us at birth as just another means for others to judge and classify us"
sulfericacid