it still looks at the pass in the options file
Yes, that's true. Manual describes it.
As for admin password, you are right, the only place where it is opened is options file. So, is it secure? We apologise, yes. In options file, there are also more important password saved, for example, password and login to sql database. This is php file, so if you simply run it in browser, it will display NOTHING. And, we think, it is more secure that keeping encrypted passwords in database. Because NOBODY except owner of forums can change it and view it, and you can do it ONLY via FTP, not directly from browser. So, it is secure, don't worry :)
Beginning from the version 2.0, it's also possible to store admin's password directly encoded as MD5 hash.