
When addressing the solution of adding data (salt), I find the author's counter-argument unconvincing:

   Don’t get me wrong, this does make it significantly harder 
   to attack a leaked database to unmask every user, but the 
   resources required to do so or target specific users are 
   within the reach of many adversaries.
I don't see how it's more feasible to reverse hash(known_user+salt) than it is to dereference hash(salt), and even state level actors can't do anything but attempt to brute-force hash(salt). IOW without more behind the author's assertion, I don't buy it that adding more data to the data you want to protect is insufficient protection, even against known targets.

