"Do not hash passwords with: ... 10. Plaintext"

It's a shame that sites still do this.

A shame, definitely. It's unbelievable really. We've known how to properly hash and store passwords for years, the information is readily available, yet these big name companies still have these poor practices in place.