you can add a secret string and md5() to password (bevore INSERT and SELECT)
$mypassword = mysql_real_escape_string($mypassword);
$sec_str = "b2Tz8Uk3EvkMx"; // just an example secret string
$mypassword = md5($mypassword.$sec_str);
this way the password is safer than md5() only