Tadej Golobic
Sep 23, 2021

Well, this is better than storing it in plaintext, but why the hell would you encrypt passwords? Why? You don't encrypt passwords. You need to get the password HASH! Why? Because encryption is a two-way function. Whatever is encrypted can be decrypted. But this is not true for hashing. Hashing is only a one-way function. And you do not need to implement something so common, because there are a million better solutions than yours. Just go and, for a start, grab the bcrypt library for hashing the password.

The logic regarding the password check is correct. Hash the entered password and check its hashed value with the one saved in the db.

Also, md5 was broken in 2005. Then we used sha1, sha256,…
