Hashing is NOT encryption - you cannot de-hash/un-hash something to determine its original value.
Storing passwords as hashes, or as "salted hashes" or "salt and peppered" hashes is a relatively secure method of storing password information.
It's many orders of magnitude more secure than storing passwords as plain text, because you don't have any copies of the users passwords - only hashes of them. Whenever the user tries to log-in - you hash the string they entered on the login page and then compare it against the hashed value that is stored for that user. If the hashes match - you know that the user entered the correct password - without ever having to know what the users actual password was.
And this is a pretty secure way to do things.
However - if somebody breaks into your website and steals your database (or if a website has a malicious administrator) - they could easily write a script, or program which uses a pre-hashed dictionary of commonly used passwords (aka a Rainbow Table) and then compare the hashes in their dictionary/table against the hashes stored in the database - in order to try to deduce the users passwords.
"Salted" hashes are even more secure than plain hashes.
If you use salted hashes - you'd typically assign each new user a randomly generated "salt" value when they sign up - the salt value will be used to alter the result of the hash slightly. The salt value is stored alongside the users login information and their password hash.
When a user logs in, you look up that users salt value, then you salt and hash the password they entered in the login page and compare that against the hash in the database - if the hashes match - the user entered the correct password, so you let them in!
A determined attacker could still write a script to generate a salted, hashed dictionary. But it would take a lot longer for them to crack every password in the database, because they'd have to salt and hash their entire dictionary each time, using each users "salt" value.
And if you add a randomized "pepper" value for each user - things become even trickier for attackers.
So hashing is a pretty secure method of authenticating users passwords - as long as you use a reasonably complex method of hashing the passwords. And as long as your users don't stupidly use anything too simple, or too common for their password!
One other very minor problem with using hashes is the possibility of hash-collisions. With hashing, there is always the risk that two or more distinctly different input values could result in the same hash value being generated.
So it is possible that someone could enter a completely different password that yields the same hash-value.
By the very nature of hashing - hash collisions can never be completely ruled out. But with SHA-256 and the newer SHA-3 method - there is less chance of collisions occurring - compared to older methods like MD5 and SHA-1.
But if you want to encrypt something and then de-crypt it, you will need to use true cryptography, NOT a hashing algorithm!