To argue with the the other answer, VBulletin does a horrid job of hashing passwords. Their salt is only 3 characters long, only fractionally increasing the security of your application.
Check out http://www.openwall.com/phpass/ . They do an excellent job of using a long hash, unique to each password, and running the password through md5 thousands of times. It is one of the best hashing systems for php out there.
