Salted and Hash and Encrypted doesn't make any sense.

At least one major software security company recommends, as best practice, doing a scrypt of your user passwords, and then doing an encryption of that based on a key stored in your appserver (which you may not necessarily lose as easily as you lose your DB).

I'm not necessarily defending that practice -- I was not prepared for a debate when presented with it -- but Reputation.com could well have gotten advice from this company and followed it, and they would call it "Salted and Hashed and Encrypted" very honestly.
