Is the password field in the users table hashed? Do I need to hash it myself, or has it already been done for me by backendless?
Yes, passwords are hashed.
Backendless encrypts passwords with a one-way algorithm (MD5 with salt) and stores the encrypted version of it. As a result, it’s impossible to decode it back to clear text.