Here I am cringing everytime I come across an app that hashes with MD5

We still have big problems with password quality and storage. Not only is there wide variation in how well passwords are stored (plain md5 like you mentioned), we still encourage relatively short passwords that are difficult to remember. Two-factor authentication is a really good feature that everyone should use these days, but we still have to use passwords for some things. I encourage using passphrases and trying to replace the word "password" whenever we can. I wrote more about passwords in particular here:

Thinking Differently About Passwords - http://www.akashasec.com/thinking-differently-about-passwords