SHA1 and Crypt are both one way encryption methods, meaning they cannot be decrypted, both are good choices for encrypting passwords.
md5 is two way encryption method meaning it can be both encrypted and decrypted.
stoping people from gaining access to the zerver falls under server configuration, setting up strong usernames and passwords for MySQL access and for FTP access. we do not have tutorials for configuring the server, this should be handled by your host.
No, security assist does not any built in protection from brute force login attempts.