Forgotten password is sent by email in clear text
If I change my password on some site, and I receive a password change notification in the mail, in which it is indicated in clear text, does this mean that the site stores them in an insufficiently secure form, and should I stay away from such sites?
If the password matches your old one, it means that the site either does not use encryption at all, or uses an encryption method that is subject to fast reverse decryption. The first one is definitely bad. The second is also not very good: if the database is leaked or access to the site is obtained, it will be easy to get the passwords. In the case of encryption with, say, MD5, dumping the database does not guarantee the recovery of your password.
If the password does not match the old one, it means that the site most likely generated it, sent it to you, encrypted it, and put it into the database already encrypted. Although the option with non-encryption or low-quality encryption is excluded to me.
This means that you need to use your own head first and not use the same password for two different sites.
And you also need to change the password after receiving it by mail. Well, I think every student knows about it.
If this site still does not encrypt traffic between itself and you, then I would stay away from such sites. In the light of all of the above, even if encryption is used on the database server with passwords, and the password is sent to you in clear text, nothing prevents someone from simply intercepting your new password on its way to you.
If they send a new password by mail, then it's not scary; they can store it in the form of a hash. If they send the old one, it's bad.
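The distinction drawn in the answers above, as an added example that is not code from any of the posters: a store that keeps only a salted, slow hash can verify a password but cannot mail the old one back, so a reset can only issue a new value. The in-memory `USERS` table, the function names, the sample credentials and the choice of PBKDF2-HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Hypothetical in-memory user table: username -> (salt, derived_key).
# No plaintext or reversibly encrypted password is ever stored.
USERS = {}

def _derive(password: str, salt: bytes) -> bytes:
    # Salted, iterated hash: every guess against a dumped table is expensive,
    # unlike a single unsalted MD5 digest.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def set_password(user: str, password: str) -> None:
    salt = secrets.token_bytes(16)  # fresh salt on every password change
    USERS[user] = (salt, _derive(password, salt))

def verify(user: str, password: str) -> bool:
    if user not in USERS:
        return False
    salt, stored = USERS[user]
    # Constant-time comparison of the derived keys.
    return hmac.compare_digest(stored, _derive(password, salt))

def reset_password(user: str) -> str:
    # The old password cannot be recovered from (salt, derived_key), so the
    # only thing the site can mail is a newly generated value. It is stored
    # hashed like any other password and should be changed after first login.
    temp = secrets.token_urlsafe(12)
    set_password(user, temp)
    return temp

def demo() -> dict:
    set_password("alice", "old-secret-123")  # constructed sample credentials
    mailed = reset_password("alice")
    salt, stored = USERS["alice"]
    return {
        "old_still_valid": verify("alice", "old-secret-123"),
        "mailed_valid": verify("alice", mailed),
        # The mailed value does not appear anywhere in the stored record.
        "plaintext_in_record": mailed.encode() in salt + stored,
    }

if __name__ == "__main__":
    print(demo())
```

A site built this way has nothing to send except a new value; a mail containing your existing password shows that the site can reproduce the plaintext.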