I’m a former plaintext-password-storing web developer. A user called me out on this after a year of operation, and until that point I really didn’t see the problem. It was an “oh-duh” moment.
It’s easy to pick out the websites that do this, since they’re the ones that will offer to e-mail your password to you if you forget it. The ones that only offer a password reset are likely to be adequately encrypting your information.
I’m not a cryptographer either, but when I salt the key, I use a couple lengthy constants of special characters, as well as some other constant data about the user. I can’t imagine a pre-computed table big enough to contain every possible combination of 100 character keys.