Perhaps Envato might consider using this? Anything’s got be better than what they’ve got as it doesn’t store plain text passwords.
WooCommerce – Subscriptions Add-onhttp://www.woothemes.com/2012/06/the-long-awaited-woocommerce-subscriptions-drop/
You mean hashed or encrypted? If hashed anyone with access to database can unhash and with many encryptions simply test for collisions and recover passwords. So if it’s encrypted I hope it’s something that’s difficult to decrypt. And if I understand correctly.. all Envato user passwords were vulnerable after security compromise if users did not reset their Envato marketplace passwords since then? Was it 23days ago?
EDIT : To clarify this is just in response to OP.