The password is encrypted using sha256 encoding and it is salted. A salt is generated using base-64 representation of a random number. This minimizes the probability of hash collisions even if different users have the same password.