Passwords are stored in an unsalted MD5 Hash. The notification from the user signup presents the password the user had just set, prior to it entering the database (again, as an unsalted MD5 hash).

So basically:
1. User Registers
2. EMail is dispatched with the password they just entered into the registration page.
3. Password is MD5 encoded and inserted into the database
4. User clicks activation link to validate their email

Feel free to fire up PHPMyAdmin on your server and browse the _USERS table, all you'll see in the "PASSWORD" cell is an MD5 string (with the exception of the "guest" user, whos password is an invalid [not MD5 encoded] entry, since that user is a placeholder).

I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!