For truly secure passwords (on any web application), you need to use SSL. Moodle supports this natively, set it up on your server and then set Moodle to use it in the configuration variables. Moodle's standard passwords are protected by MD5, which is ok (and good enough for a number of commercial apps. such as Blackboard), but not as secure as SSL.
A second issue is how easy the passwords are to guess, they should be long alphanumeric strings, ideally with a special character (*) thrown in, Moodle doesn't enforce strong passwords directly at this time (users can put in any password they like), but if you set up LDAP authentication (or other external authentication) you can enforce strong passwords on your LDAP server or external auth. server.
You can keep Google out by setting that in the administration variables, also. Even if you let Google in, it can't search a course unless you have turned on guest access without a pass key for that course.
Hardware and performance
password protection
This discussion has been locked so you can no longer reply to it.