Thank you. My first reaction was: start by firing the first 3 employees who couldn't be arsed to encrypt passwords, and replace them with people you can trust.
Being aware of the current best practices in password encryption is part of your job. Checking if your knowledge is still up to date takes 30 minutes, tops. Implementing it in your stack of choice, provided you've made a sane choice to start with, is trivial. Hell, you can probably just cut and paste from one of the articles you've found in the aforementioned 30 minutes.
None of this will slow you down when getting the first alpha release out of the door.
Being aware of the current best practices in password encryption is part of your job. Checking if your knowledge is still up to date takes 30 minutes, tops. Implementing it in your stack of choice, provided you've made a sane choice to start with, is trivial. Hell, you can probably just cut and paste from one of the articles you've found in the aforementioned 30 minutes.
None of this will slow you down when getting the first alpha release out of the door.