Send encrypted passwords to your database instead of a visible password.
When logging in, check if username's password input encrypts into the same thing as it is in the database.
There are 3 common methods: SHA-256, SHA-512, and SHA-1. Personally, I would recommend SHA-256.
If you want to filter passwords to make sure they're not dumb, (I am not trying to advertise, just helping out) I made an encrypter at my SHA256 testing site.
The SHA-256 method is the most common encryption method.
bin2hex(mhash(MHASH_sha256,$password));
If you like large annoying text, use SHA-512 to ensure maximum security.
bin2hex(mhash(MHASH_sha512,$password));
If you like simplicity, use the crackable SHA-1.
sha1($password);