One thing that people haven't mentioned is that the hash table is the major point of failure for password security. Once you get access to it, it is only a matter of time before your password is lost. In order to get real security improvements, you have to change the architecture so there's no single point of failure for all of a single website's userbase.
