Security question

Security as in secure not the Security component to not confuse anyone.

 

Is it better / more secure / better practise to have a table with “password” information only ,with  fields like user_id,  reset_token, question, answer, password, email, attempts and keep plain text (firstname, lastname, so on) in a User table?

 

Just curious.

 

Thanks

 

Dave