(I hope this is the right forum).
I've just registered and been e-mailed my password when I was provided with login details. This means you're storing your passwords in plaintext and anyone with access to the database can get all our passwords. Please don't. It's textbook bad security. And because people use passwords across different accounts, any leak means that you're risking a lot of user accounts.