Key stretching algorithms vs throttling for password "hashing"


Why do people suggest using key stretching algorithms like bcrypt/pbkdf2 which take longer to calculate (on purpose), rather than using faster algorithms, which are also secure, like salted sha-256 or sha-512 and using a throttling mechanism to limit brute-force attacks?

Throttling is not CPU bound, and will deliver the same "delay" for brute-force attacks while still being fast for the average user. bcrypt/pbkdf2 on the other hand is CPU bound and will always be slow.


Solution

  • When you use key-stretching, then you prepare for the case that an attacker has stolen the hashes from your database. The attacker can then start an offline attack and brute-force with the full speed of his GPU/CPU to crack the passwords.

    Only the absolutely necessary code to calculate the hash is important then, since all other code like throttling can simply be left out. To set a minimum time per hash, you have to make the problem itself difficult to solve. That's key-stretching; there is no cheaper way than to calculate all the rounds of hashing to get a comparable hash.

    Some algorithms like BCrypt/SCrypt are additionally designed in such a way that they are difficult to solve with a GPU.
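
The difference between the two approaches can be measured. The following is an added example, not part of the original answer: the throttle lives in the login code path, while the cost of a stretched hash is part of the stored value itself. The class name, the lockout counter standing in for throttling, and the iteration count are assumptions made for this sketch.

```python
import hashlib, hmac, os, time

PBKDF2_ITERATIONS = 100_000  # assumed work factor for this demo

def fast_hash(password: str, salt: bytes) -> bytes:
    """Salted single-round SHA-256, as proposed in the question."""
    return hashlib.sha256(salt + password.encode()).digest()

def stretched_hash(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256: the cost is built into the computation."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               PBKDF2_ITERATIONS)

class ThrottledLogin:
    """Online path: the throttle is application code around the hash."""
    def __init__(self, hash_fn, password, max_failures=5):
        self.hash_fn = hash_fn
        self.salt = os.urandom(16)
        self.stored = hash_fn(password, self.salt)
        self.failures, self.max_failures = 0, max_failures

    def login(self, password: str) -> str:
        if self.failures >= self.max_failures:
            return "locked"                      # throttle kicks in
        candidate = self.hash_fn(password, self.salt)
        if hmac.compare_digest(candidate, self.stored):
            self.failures = 0
            return "ok"
        self.failures += 1
        return "denied"

def seconds_per_hash(hash_fn, rounds: int) -> float:
    """Cost of one computation when only (salt, hash) from a leaked
    database is involved: no login code runs, so no throttle applies."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(rounds):
        hash_fn(f"candidate-{i}", salt)          # constructed inputs
    return (time.perf_counter() - start) / rounds

if __name__ == "__main__":
    svc = ThrottledLogin(fast_hash, "correct horse")
    print([svc.login("wrong") for _ in range(6)])
    fast = seconds_per_hash(fast_hash, 2000)
    slow = seconds_per_hash(stretched_hash, 3)
    print(f"sha256: {fast:.2e}s  pbkdf2: {slow:.2e}s  x{slow / fast:,.0f}")
```

The lockout protects only requests that pass through `login()`; the per-hash cost reported by `seconds_per_hash` is what remains once the stored values are outside the application.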