You will always get 40 (using sha1) characters long random string, thats how encryption (hash) works. It doesnt matter that password in database will look like '9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684', you will still be able to login using your normal password, in this case 'pass', you are just unable to decrypt it.