That article is a bunch of hooey, the only true way to ensure data is secure is using a SSL connection (https) : http://www.digicert.com/ssl.htm
However, most of the time the majority of php programmers doesn't even need that (unless you're doing somekind of banking transaction(s)) as long as you use a good password hashing library (NOT YOUR OWN!!!) if you're not using PHP 5.5 (I hear that is built in) a good one is : https://github.com/ircmaxell/password_c ... ssword.php (from what I understand that is the script that is included with PHP 5.5). Since most of the time all we are concern about is making sure the MySQL database isn't compromised.
Leave the encoding and decoding to people who know what they are doing, for they have to thoroughly test those scripts and get approved before they are made public. An use an establish online payment service if you need to process credit cards (PayPal, CCBill, etc...).