Encrypting passwords won;'t help you with SQL injection, or cross site scripting because those forms of attack aren't normally used for passwords anyway...
And that's ignoring that you should never encrypt passwords because it's a major security risk:
Password Storage: How to do it.[
^]
You handle SQL Injection by using parametrized queries throughout your application instead of concatenating strings, and cross-site scripting is a much more complex problem than that! see here:
http://en.wikipedia.org/wiki/Cross-site_scripting[
^] - there is a section on prevention
and here:
http://www.acunetix.com/blog/web-security-zone/articles/preventing-xss-attacks/[
^] which may help.