Yes, you are right, we don't know it.
But if Groundspeak is able to decrypt it, the algorithm should be somewhere in the code. So if there is somebody who gets access to the database he will probably get access to the code, too.
So I think a hashed (even better with a salt) password is the securest way to store passwords - like in many other big web projects/software.