I just wrote this in another topic.

The password is sent to your email before it is stored in the database.

I can assure you that the password in the database is properly hashed and salted. I couldn't tell you your password if you asked for it, and anyone that could get into our database would just have rubbish for passwords.

For instance, if you reset your password, you will be sent a temporary password that you need to change immediately. Because: the forum does not know your password. And neither do we.

How I know: I investigated this and had a look at the database. I will now check the code if I can find where they build the registration mail and leave out the plain text password.

Tweeting @forktong