ID:2114987
I know there are alternatives to using raw text when making a Login like this in order to keep the players' login information secure so that if save files were taken no one would be able to find out someone's username or password. I was wondering if anyone on the lovely BYOND Community could lend me a helping hand.
A simple hash using md5() is usually enough to stop people from obtaining raw passwords, however it's not overly secure as it's possible to force what are known as collisions, which happens when two different strings generate the same md5 hash. Hackers will simply run through a dictionary of hashes until they find one that matches the one being saved, then they can use that text to log in to the account, even if the password isn't exactly what the client set it as (since it would authenticate based on matching the hash).

You can lessen the problem by using salts and whatnot for your hashes, but ultimately it's not bulletproof. If you wanted true security you'd probably want to do full-out encryption on the values you didn't want being messed with. You can search the Developer Resources for various encryption libraries, or Google for a massive number of encryption algorithms that can be ported into DM code.
Why not compare the text in the input for the password with the unhashed pass on the server, so even if it is a collision the password itself has to match? o:
You should NEVER store unhashed passwords ANYWHERE; that's like rule 1 of any authentication system. There should never be a way to go from a hashed/encrypted password back to the raw password; that's the whole reason hashes can't be outright reversed in most cases.

Same reason most services will have you reset your password but won't tell you the password you had: they generally have no idea what the actual password is (if a service ever sends you anything with your raw password, they're doing something wrong).
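As an added example that is not from this thread or from BYOND itself, the following Python (rather than DM, since the point is the storage scheme, not the language) puts the two replies above side by side: the bare md5(password) approach, where every account with the same password ends up with the same stored value, and a salted, iterated hash that is stored instead of the password and checked by recomputing it, so the raw password is never kept anywhere. The record format, helper names and iteration count are this example's own assumptions.

```python
"""Added example (not code from the thread or from BYOND): storing a salted,
iterated password hash instead of a bare md5 digest, and verifying a login
against that record without ever storing the raw password."""
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 200_000  # assumed cost parameter; tune for your server's CPU budget


def unsalted_md5(password: str) -> str:
    """The scheme the thread starts from: a plain md5 of the password.
    Deterministic, so two accounts with the same password store the same
    digest, which is exactly what a precomputed hash dictionary relies on."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Return a storable string 'pbkdf2_sha256$iterations$salt_hex$hash_hex'.
    A fresh random salt is drawn per account unless one is supplied (tests only).
    Assumed record format; the password itself is never part of what is saved."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(record: str, password: str) -> bool:
    """Recompute the hash with the salt and iteration count stored in the
    record and compare in constant time. Malformed records simply fail."""
    try:
        algo, iters, salt_hex, hash_hex = record.split("$")
        salt = bytes.fromhex(salt_hex)
        iterations = int(iters)
    except ValueError:
        return False
    if algo != "pbkdf2_sha256" or iterations <= 0:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(digest.hex(), hash_hex)


def same_password_looks_same(password: str, salted: bool) -> bool:
    """True if two accounts with the same password produce identical stored
    values. Always True for unsalted md5; (practically) never for salted records."""
    if salted:
        return make_record(password) == make_record(password)
    return unsalted_md5(password) == unsalted_md5(password)


if __name__ == "__main__":
    # Constructed demo: two players pick the same password.
    print("unsalted md5 identical:", same_password_looks_same("hunter2", salted=False))
    print("salted records identical:", same_password_looks_same("hunter2", salted=True))
    record = make_record("correct horse")
    print("stored record:", record)
    print("login ok:", verify(record, "correct horse"))
    print("wrong password ok:", verify(record, "Correct horse"))
```

The stored record carries its own salt and iteration count, so the login path only needs the record and the submitted password; nothing reversible to the original password is ever written to a save file, which is the property the "never store unhashed passwords" reply is asking for.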
Good thing he made a post for getting help instead of trying to figure it out himself.