It’s good to see some work being done in WordPress around this area.

For developers in general, who may not be familiar w/ all the ins and outs of storing user password hashes, salts, etc:

http://onwebapps.com/the-hopefully-somewhat-definitive-article-on-how-to-store-user-password-hashes/