SHA-1 and MD5 are two different encryption algorithms.
SHA-1 is a two way algorithm meaning that you can take the encrypted value, and decrypt the value to get the original plain text value back. This algorithm provides a good level of security for data, and is a standard algorithm which is used to protect credit card data when it is stored within a database.
MD5 is a one way hashing algorithm meaning that you can not take the hashed (or encrypted value) and decrypt it to get the original plain text value back. This provides an excellent level of security for things like passwords where you do not need the original value. To use an MD5 value you hash the value you want to check to see is encrypted and compare it to the stored hashed values for a match.
Neither MD5 nor SHA-1 is an “encryption” algorithm. Both are “hashing” algorithms.
In the simple sense, something that is encrypted can later be decrypted to get the original back.
Something that is properly hashed stays that way; it is a ‘fingerprint’ of the original pattern that cannot be ‘dehashed’ to reconstruct the original.
Ideally, there is only a single unique hash value that can be derived from each unique string of characters.
Of course, it’s easy to prove that that’s not possible when hash values are small — small as in 160 or 256 or 512 bits. But in practice, because the strings of characters aren’t random, because they’re patterns of words more than just patterns of letters, the number of likely hash values gets smaller.
The value of unique hashes is that they can be used to verify that the original string hasn’t been changed. If I send you a message along with a hash, you can run the message through the hash algorithm to see if the same hash value comes out. If it does, you can feel confident that you’re reading exactly what was written.
The passwords for your iSeries are stored in a “one-way” hashed form. When you enter the password for your user profile, it gets hashed and the result is compared to the stored hash value to see if it matches. That’s why you can’t find any passwords anywhere — they aren’t stored.
But don’t confuse it with encryption.