There are plans to update the forum, including for better security (the main issue with changing the forum software is concern over reliably migrating all of the existing content, since 2003).
After emailing (admittedly not current best practice), the passwords are hashed and only the hash is stored.
