They're not suppose to, it is suppose to be encrypted. All they should be able to do is reset it to what they want. But i guess it all depends on how the server is set up.
not if the website is half decent. A pasword should be one way encryption, it sould not be possible to reverse engineer an encrypted password.
When checking a password the entered password should be encrypted and the result compared to the stored encrypted password - you should not decrypt a password and then compare it, this is insecure and also means a crap algorithm has been used.
Well, you can just turn off al that encryption/algorithm crap so you can see every one's passwords. But then, that just contradicts the whole idea of a password.
Well, sometimes websites have one-way encryption, making it impossible to retrieve passwords from it, but you can create a new password to overwrite it. As in 'you' as in the administrators.
not too much of a deal.
Those one way calculations are called "HASH keys" But if they really wanted to get your password they can use a program like LCP to crack those hashes.