Recent versions of OJS 2 and 3 use the password_compat library rather than md5 and sha1. Passwords will automatically be updated to a modern hash rather than the old md5 and sha1 hashes as they are used (or as new ones are created). The encryption option in config.inc.php is only relevant for legacy password hashes which haven’t been upgraded yet (because the user hasn’t logged in).