perhaps try this instead:
$mailHeader .= "Bcc: firstname.lastname@example.org".$lineEnd;
SHA1 is a one way encryption method, it cannot be decrypted.
My guess on the problem with the encrypted password is one of 2 things:
1) The user may not be copying and pasting the password from the email, they may be entering it manually and not getting the case correct.
if the new random password that was generated was:
and the user enters it as:
because the case is different it will not work.
2) It could be that in copying the password, a leading or trailing space was also copied. pasting "vR4eF " or " vR4eF" into the password field will fail because of the leading or trailing space.