While I love Virtuemart, I have to say how disappointed I am in the Virtuemart site itself. I just paid for an extension, which again, runs great, but I was shocked to find in my inbox, an email with my username and password in plaintext. Surely, as developers of an eStore, and having to worry about security and PCI compliance, you've heard of a cryptographic hash code http://en.wikipedia.org/wiki/Cryptographic_hash_function (http://en.wikipedia.org/wiki/Cryptographic_hash_function).
Passwords should never be stored in plaintext, or in a two-way encryption process. I am very uneasy about how Virtuemart's own website stores its customers' information now.
This is the usual way joomla is confirming your registration. The password is not plain stored