Hacker News

As long as HackerNews hashes my password with a semi-modern algorithm, I'm fine. Storing in plaintext / something that can be decrypted is not cool, but sha1 is alright by me.



But an unsalted hash is only better than plaintext if the attacker doesn't know enough/care enough to use a rainbow table. At that point, why do you care if it was hashed or not?
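
Added illustration of the point above (example code, not from the thread): a precomputed lookup table is built once from a wordlist of unsalted SHA-1 digests and then cracks any matching hash in a single dictionary lookup; a per-user random salt defeats that table and forces the attacker back to per-user guessing; a deliberately slow KDF (PBKDF2-HMAC-SHA256 here, standing in for what the thread calls a "semi-modern algorithm") makes each of those guesses expensive. The wordlist and passwords are constructed for the demo.

```python
import hashlib
import hmac
import os

# Constructed wordlist standing in for the dictionary an attacker builds a table from.
WORDLIST = ["password", "letmein", "hunter2", "correcthorse", "qwerty123"]


def unsalted_sha1(password: str) -> str:
    """What 'sha1 is alright by me' usually means in practice: sha1(password)."""
    return hashlib.sha1(password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precompute digest -> plaintext once. The table is reusable against every
    unsalted dump, which is why 'hashed' buys little against a prepared attacker."""
    return {unsalted_sha1(w): w for w in words}


def crack_unsalted(stored_hash: str, table: dict):
    """One dictionary lookup; no hashing at crack time."""
    return table.get(stored_hash)


def salted_sha1(password: str, salt: bytes) -> str:
    return hashlib.sha1(salt + password.encode()).hexdigest()


def store_salted(password: str):
    """Per-user random salt stored alongside the digest."""
    salt = os.urandom(16)
    return salt, salted_sha1(password, salt)


def crack_salted_with_table(stored_hash: str, table: dict):
    """The table was computed without the salt, so the lookup misses:
    a rainbow table built for one salt is useless for every other user."""
    return table.get(stored_hash)


def crack_salted_by_guessing(salt: bytes, stored_hash: str, words):
    """With the salt known (it is in the dump), the attacker must recompute
    the hash per guess, per user. Returns (plaintext, number of hashes computed)."""
    for attempts, w in enumerate(words, start=1):
        if hmac.compare_digest(salted_sha1(w, salt), stored_hash):
            return w, attempts
    return None, len(words)


# Cost parameter for the slow KDF; assumption for the demo, tune for your hardware.
PBKDF2_ITERATIONS = 200_000


def store_modern(password: str):
    """Salted, deliberately slow hash: each attacker guess now costs
    PBKDF2_ITERATIONS HMAC calls instead of one SHA-1."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_modern(password: str, salt: bytes, digest: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print("unsalted:", crack_unsalted(unsalted_sha1("hunter2"), table))
    salt, h = store_salted("hunter2")
    print("salted, table lookup:", crack_salted_with_table(h, table))
    print("salted, per-user guessing:", crack_salted_by_guessing(salt, h, WORDLIST))
    s2, d = store_modern("hunter2")
    print("modern verify:", verify_modern("hunter2", s2, d), verify_modern("hunter3", s2, d))
```

The salted variant still falls to guessing once the attacker has the salt; the salt only removes the precomputation shortcut. The slow KDF is what makes each remaining guess cost something, which is the difference between "tractable but not instantaneous" and "one lookup".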


But that isn't nothing. For instance, in the case of the reddit lost laptop incident, the information isn't immediately available to anyone who knows how to read a database dump. It has to be decrypted, which isn't a widely available skill and isn't instantaneous even though it's tractable.


I know where you're coming from: your basic nincompoop breaks into cars and steals a laptop out of the trunk. Perhaps he has absolutely no idea what a password file is, let alone how to crack it with a rainbow table. HOWEVER, he does know how to sell the laptop to a local ask-no-questions pawn shop that specializes in (a) buying stolen goods, and (b) computers.

I suggest that the pawn shop I've just described employs someone with considerably more advanced cracking skills: they receive several stolen phones and computers a day and have a tidy business on the side selling data and stolen passwords to identity thieves.

I made this scenario up to illustrate that if there is valuable data that can be cracked open, the "market" will organize itself in such a way to get ahold of it.


Rainbow tables require script-kiddie levels of expertise.

i.e. basically none.


That's still a smaller subset than the skills required to steal a laptop. Apparently that's controversial though, judging by the downvotes. I'm not suggesting this is how security should be designed, just pointing out that it's not totally useless.


If the attacker wanted my password that bad, they would be at my house and I wouldn't be on HackerNews.





