Okay so I have a PHP script that creates user acounts and encrypts the password then saves it into the database. The login form just compares the users password with a password in the database. The database has a password to connect to and user name. Is this enough security for my sites login? Or is there other things I should be doing?