A key security point is that you should not be able to decrypt passwords! Use one-way hashing (MD5, SHA*, etc) and then compare the supplied password with the hashed password in the database.

Orc, the PASSWORD is another hashing function like MD5 and behaves in much the same way, just using a different algorithm to get the final hashed value.