and these algorithms are the state of the art
not 3des or des3 (it's the same) - it's not state of the art, although it's widely used.
I guess this depends entirely on what you label 'state of the art'. Triple-DES is certainly secure enough currently, in fact, it's tried and tested for so long that it's probably got a better reputation (security-wise) than most new ciphers, such as Blowfish, Twofish, IDEA and even Rijndael. It is, however, slow in software, since DES was designed for hardware implementation and Triple-DES is only a third as fast as DES. It seems to me that the keylength also can't be extended, which was one of the criteria for AES contestants.
(it's just des 3 times with 2 different keys (there are 3 possible ways to use the keys: 1-1-2, 1-2-1, 2-1-1), which equals a key-length of 112 bits which is somewhat weak). it is used because of its speed for session-keys, not for passwords.
Actually, Triple-DES comes in two variants, one with three and another with two different keys. It is important to perform encryption with key one first, to then *decrypt* the ciphertext with key two and finally encrypt the ciphertext produced with key one or key three. As for the usage scenarios of 3DES, its lacking speed, when compared to other symmetric ciphers, is its most important drawback. As for passwords, since they are typically processed rather seldom (when compared to encryption/decryption of e.g. data streams), the speed of the algorithm used normally shouldn't be that important. This is similar to the case for SSL, where costly RSA operations are much fewer than relatively cheap RC4. This is beginning to go off-topic, though.. Cheers Tobias