You need to mention how you are saving the passwords, where you are storing them, what kind of encryption you are using and also is your code open sourced ?
These are the very first things that I would look for in a password storage mechanism. You cannot just expect people to trust you with their passwords.