Implement bcrypt and replace our SHA1 hashing algo with it. Make the bcrypt cost a configurable option in Administer - Settings and during initial DB seed calculate a good starting value. Note: This BZ was created as a tracker for already closed upstream bug for our docs team.