John Graham-Cumming has a very nice 4-part series on one-way functions and their application to passwords. The explanation is completely non-mathematical and should be understandable by anyone. By the end of the third post, Graham-Cumming has explained how a simple one-way function works, how it can be defeated, and how salting can make it (relatively) safe again. The fourth post completes the picture by discussing key stretching, again in a non-mathematical manner, as a way of increasing security by making a cracker work much harder to find a password.
Doubtless most Irreal readers already understand this material, but it’s the perfect explanation for your non-technical friends (or boss). Well worth a read.