So, while you could store the admin password hash, the router does need at least the WPA PSK to implement the protocol (see my reply to smtddr for more details).
What they could do, if they really wanted to be clever, is store a hash of the admin passphrase (which won't help anyone auth to the router) and store an encrypted version of the WPA PSK under a key derived separately from the admin passphrase.
Then, after the restore, you would require the admin to log in before the access point portion is turned on. When the admin logs in, rederive the encryption key, decrypt the PSK, and enable the access point.
It's a slightly degraded user experience, but it does have nice properties.
Note that the #psk line with the plain password is commented out, so it could be removed. How exactly this works though; why can that hash be used to login.... I have no idea whatsoever. Maybe it's not a hash. I'd love for someone to explain.
First let me explain the relationship between the first and second values.
For authentcation, passphrases are used because they're a lot easier for humans to remember than 256 bit hex strings. The WPA2 standard (IEEE 802.11i) defines the passphrase to PSK derivation as "PSK = PBKDF2(PassPhrase, ssid, ssidLength, 4096, 256)" (PBKDF2 is a hashing-based key derivation function, in this case using SHA1).
So, this takes us from a password to a key. Now how do we auth to the router?
In WPA2, there's a master-key (known as the "pairwise master key" or PMK) which is known by both the client and the access point. This key (the PMK) is then used in a 4-way hand-shake and key negotiation that allows each party to establish that the other has knowledge of the key. This key is either handled via a complex authorization mechanism like radius (WPA-EPA) or is simply shared between all the parties (WPA-PSK). In this case, the pre-shared key ("PSK") that we derived above is used directly as the PMK to complete the 4-way handshake.
