UN-SHA()

tommmmm

I have all my users passwords SHA()-ed in my users table. Is there a way these can be converted to plaintext?

I read that SHA() algorithm has been broken, but have not seen it done anywhere.

laserlight

SHA-1 is theoretically broken for collision attacks, but such attacks are still infeasible in practice. Given a hash, you are trying to find a preimage that produces it. SHA-1 is not broken for these kinds of attacks (i.e., preimage attacks).

Anyway, why do you want to do this in the first place?