I agree with "sporty" - although this wasn't the subject of your question, if you haven't already thought about this, you should think about encrypting your password *before* placing it in a form to be posted in a hidden field. If you are storing the user id's and passwords in a table (or file) one method would be to take the password the user entered and encrypt it, then store the encrypted password in the user table - then when the user wants to sign back in, take the password he/she enters and encrypt it, and compare that encrypted password to the encrypted password stored for that user id - if it matches, grant access.
Comment on Re: Re: password problem with non-alphanumerics
Amen. and if it can be taken a step further, never displayed the encrypted form either. 'cause some systems can suffer from playback vulnerabilities. Like encrypted cookies. Don't need to know the contents.. just need to have the key.