A more secure practice would be to encrypt the password with a secure password hashing function provided by a trusted 3rd party library that is available through PHP. This is a deeper topic in itself.

Then also have a mechanism to update the library, the function and hashed password in case of problems.