Though if I have the user name and the salted hash and also access to the service providers system, can't I use those to initiate a session? I mean getting the cleartext password allows me to start a session through the UI and also try to penetrate the user's other accounts elsewhere (maybe they reused the password), but if I have the salted hash and access to the sytem, I'm still able to get a session there, no?
Salting is to cover password reuse across services. If you already have the keys to the kingdom for a service you can almost certainly access a user's session
When you submit the hashed password it will get re-hashed and no longer match the hashed password in the database.
I'm not sure what you mean by having access to the system. If you have write access to the database you can just change the user's password to whatever you want.
