In reply to john arran:
>But the better hashing algorithms, while not impossible to hack, are generally regarded as unfeasibly hard, and therefore appropriate for most uses.
The thing is that you're not looking for mathematical weaknesses in an algorithm. You simply either encode your own word list (and there are word lists of many millions of passwords, available.) Or, you look up a hash on a rainbow table.
If my password is hashed with MD5 and the string is:
836c21655d829d58889e1d58d251e641
You could look it up on this site (which claims to hold 125 million MD5 hashes.)
https://md5.gromweb.com/
The password is not stored as plain text, however, you can decode it easily. (Yes, I know MD5 is old, but the same holds true for more modern hashing algorithms.)
Storing a hashed password is more secure than storing a plain text password. But, it is not bomb proof.