that's a very broad subject.
technically, SHA1 encryption is a one way encryption method, meaning that it is not decrypt able.
but in the world of security there are always people who will try to break into anything.
the use of encryption is not really to protect the data if someone breaks into your MySQL server and steals the data , you have bigger problems if that happens, it is to protect the data from being sniffed while being passed from the client browser to your server when the login page is posted, especially if your are not using an SSL layer.
SHA1 is only one encryption method offer by security assist, others such as crypt are a little more secure, they require a salt string to be used when encrypting or decrypting the data, if they salt string is not known, the data will not be able to be decrypted.