So they decrypt it first?
The passwords are not encrypted, they are hashed. The difference being that an encrypted password can be “reversed” using a key. A hash CAN NOT BE reversed.