If you use cascade encryption and one of its key was stolen, then weak hush could cause adversary to reverse salted password, thus he could break encryption. But if a key is stolen, sth is already wrong and it doesn't affect when you're using single encryption algorithm. [EDIT: I now saw TC document and it says when you use cascade, it makes double or triple sized key and then split it. So I think even with weak hush and when one of keys are stolen, still reversing salted password is impossible.] See this link if you don't trust what I said. https://helpdesk.lastpass.com/security-options/password-iterations-pbkdf2/ Of course it's not the case in authentication, it's different story.