Passwords are stored using encription in the database. When the user wants to change the password, a validation code is sent to the user`s email for security purposes.
