clarkwinkelmann "being hacked" depends on the security you put on the server, not on the hashing used for password. Hashing will only minimize the impact of a data theft. That being said passwords are salted+hashed with bcrypt, the default for PHP.
