Hash functions are meant to be unidirectional functions. But they can be reverted using dictionary methods or
rainbow tables[
^]. The 128 bit MD5 is more likely to be "decrypted" as the 16 bit SHA1.
But the question is rather what your purpose is.
A)
Crack something - we won't help!
B) Add password recovery functionality to your site. Than use random temporary password pattern.
C) If you really need revertible password. Never store your passwords in plain text. And don't use encryption when the decryption key is in the code or near it. I can imagine only one somehow safe method: create a certificate and store it in the application pool user's profile. Use that certificate to encrypt and decrypt the password. You can use also external cryptic device to store the certificate, thus only the one who has physical access to the server could ever get it.