There is a growing number of websites out there that require their members to log in on a fairly regular basis. Many times these numerous user names and/or passwords will slip our minds and we'll be forced to click on the "Forgot My Password (click here if you're an idiot)" link. Yes, I am a regular clicker of these types of links. How many times, after proceeding with this shameful process, have you received an email containing your password? No, not a link to change your password or questions about your account that only you would know (that would eventually allow you in), but your actual password in plain text! This can tell you a lot about how your favorite website is handling your password. Oh, and by the way, a bank, credit card company, etc. should never be able to send you your password in an email. If they can, it means that they are not securely storing your password. Here's how it works:
Secure Password Storage
When you sign up for your new account and enter your password for the first time, your password is hashed (a one-way transformation, often loosely called one-way encryption) and stored in the database. This hash is a one-way avenue. It can't (in most cases) be reversed, so there is no way for anyone to retrieve the original password. So, if you can't see the original password, then how are you able to log back in? When you revisit the site and enter your password, it is hashed using the original algorithm and then compared to the stored (hashed) password. If the two match, you are granted access.
Original Password -> SHA-1/MD5/Other Hash -> Database Storage
Login Password -> SHA-1/MD5/Other Hash -> Result is Compared to Database (Hashed)
Insecure Password Storage
When you sign up for your new account and enter your password for the first time, your password is sent directly to the database. In some cases it might be encrypted using a weak algorithm that can be decrypted. When you revisit the site to log back in, the password that you enter is compared directly to the one (or to the decrypted one) stored in the database.
Original Password -> Database Storage
Login Password -> Result is Compared to Database (Plain Text)
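The two storage flows above, side by side, as an added example that is not code from the original post. The class names, the `ITERATIONS` value and the 16-byte salt are assumptions; salted PBKDF2 stands in for the "Other Hash" step because fast, unsalted hashes such as MD5 and SHA-1 are poor choices for passwords.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; tune for your hardware

def slow_hash(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256: one-way, so the input cannot be read back."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

class HashedStore:
    """Secure flow: the database holds only (salt, hash) per user."""
    def __init__(self):
        self.db = {}

    def register(self, user: str, password: str) -> None:
        salt = os.urandom(16)  # unique per account
        self.db[user] = (salt, slow_hash(password, salt))

    def login(self, user: str, password: str) -> bool:
        if user not in self.db:
            return False
        salt, stored = self.db[user]
        # Re-hash the attempt with the stored salt, compare in constant time.
        return hmac.compare_digest(stored, slow_hash(password, salt))

    def forgot_password(self, user: str):
        return None  # nothing to email; the site can only offer a reset link

class PlaintextStore:
    """Insecure flow: the database holds the password itself."""
    def __init__(self):
        self.db = {}

    def register(self, user: str, password: str) -> None:
        self.db[user] = password

    def login(self, user: str, password: str) -> bool:
        if user not in self.db:
            return False
        return hmac.compare_digest(self.db[user].encode(), password.encode())

    def forgot_password(self, user: str):
        return self.db.get(user)  # this is what ends up in the email
```

Anyone who can read `PlaintextStore.db` (a database leak, a backup, an administrator) gets every password directly, while `HashedStore.db` yields only salts and hashes.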