It really hurts to read this large amount of misinformation :s
hashing isnt encryption.
MD5 was considered weak in 1996 already and migration to SHA1 was advised for a decade.
Since at least 2004 there are several confirmed efficient attacks on MD5 and it is considered "broken" nowadays. (See the papers of Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu).
MD5 does NOT generate a 32-Byte sum but a 128-bit sum.
Nobody "de-crypts" passwords unless they are ... "without any clue".
The SQL encrypt() function uses the unix "crypt" system call. Read the corresponding man-page why its a bad idea to use the crypt() system call (Hint: its a salt-based DES implementation as used in traditional unix password encryption). Nevertheless it is not _THAT_ weak that you can "decrypt" it (in a practical timely way by software only) - not even mysql
Oh and the general opinion that "if it has been done by a human - it can be broken by a human" which wakey hinted at - you may want to check out "quantenkryptographie". (none of my translators know the english word for it - but if you are really interested, i will look up some english articles about it - basically it is revolves around heisenbergs unschärfetheorie and its limitations - ofc. you can argue that even "law of nature" is only a temporary scientific viewpoint).
The ability to recover a password may not have to do anything with how a password is stored in the database used for account verification anyway.