The big benefit with salting is that you can't leverage knowledge about one user's password to determine someone else's. Md5 was considered a bad choice 10 years ago. Why were yahoo still using it is a big mystery. It is literally broken to the point where you can google the hash to reverse it.
If you aren't using salt, you find someone with the password hint "password is Bernie2016" and now you know what all those F1697D2047065D93EECFEC16D670CD61 hashes mean. At least with salt you have to brute force each user independently.
And now you have that detail, you can use enumeration attacks on other sites to see what other accounts are valid and then try your luck with the same password.
Lesson 1
Use a different password on each website, so your yahoo breach doesn't give away your other more important passwords.
Lesson 2
Use long passwords. 4 random English words (like random, not quotes, verses or xkcd comics). This will guarantee that it is easy to memorise and type yet is too much entropy to exist in a rainbow table.
Use a password manager if you find that easier.
Biting the hand that feeds IT
