The reason they use something like that is first there something called rainbow tables or glorified brute forces that try and guess your password, add a salt and it gets that much harder but they can add the salt to the list and have them md5 that now md5 the password then salt it and md5 it and it just's that much harder to crack...

In the end MD5 and SHA1 have been cracked because computers can't do true random numbers (they're based off algoritms like the twister) and thus reversible. so if a team of determined hackers want your password than they will get them, the only true way to be secure from network intrusion is to black box it - I find security to be more a game of "Tire out the hacker" then "Keep the hacker out" (I refrain from using "he" or "him" because some girls are very nasty hackers..)

__________________
"What everyone seems to forget is that while knowledge certainly is something - it's the implementation of knowledge that brings power" - Andres Galindo.