New tool on the block - scrypt
In the context of hardware brute-force attacks, scrypt is thousands of times more secure than existing "best practice" solutions such as bcrypt and PBKDF2; in fact, under reasonable assumptions it is provably as strong as possible. In addition to the key derivation function itself, I have released a simple file encryption utility which is approximately 100 billion times more secure than openssl enc, due to OpenSSL using MD5 as a key derivation function.
Later in the comments Colin said:
Drepper's SHA crypt is actually weaker than bcrypt where hardware brute force attacks are concerned, since Blowfish (and thus bcrypt) requires a larger die area than SHA256 or SHA512.
I'm planning on talking to Drepper about scrypt and investigating whether scrypt can be brought into linuxes and BSDs as a standard method for password hashing.
Colin Percival, Stronger Key Derivation via Sequential Memory-Hard Functions, presented at BSDCan'09, May 2009.
Conference presentation slides: PDF
The best way to learn UNIX is to play with it, and the harder you play, the more you learn.
If you play hard enough, you'll break something for sure, and having to fix a badly broken system is arguably the fastest way of all to learn. -Michael Lucas, AbsoluteBSD
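The contrast drawn in the announcement, between MD5-based key derivation in `openssl enc` and scrypt, is shown below as an added example; it is not part of the original post and not Colin Percival's code. The password, salt and scrypt parameters (N=2^14, r=8, p=1) are constructed sample values, and the MD5 routine follows the legacy single-iteration `EVP_BytesToKey` scheme.

```python
import hashlib


def evp_bytes_to_key_md5(password: bytes, salt: bytes, key_len: int = 32, iv_len: int = 16):
    """Legacy `openssl enc` style derivation: chained MD5, one pass per 16-byte block."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        # D_i = MD5(D_{i-1} || password || salt); no work factor, no memory cost.
        block = hashlib.md5(block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def md5_calls_per_guess(key_len: int = 32, iv_len: int = 16) -> int:
    """MD5 invocations an attacker needs to test one password guess."""
    return -(-(key_len + iv_len) // 16)  # ceiling division by the MD5 digest size


def scrypt_memory_bytes(n: int, r: int) -> int:
    """Size of scrypt's large array: N blocks of 128*r bytes each."""
    return 128 * n * r


def scrypt_key(password: bytes, salt: bytes, n: int = 2**14, r: int = 8,
               p: int = 1, key_len: int = 32) -> bytes:
    """Derive a key with scrypt; every guess must fill and re-read the N-block array."""
    # maxmem is set explicitly so the chosen parameters fit regardless of the library default.
    maxmem = 2 * scrypt_memory_bytes(n, r) + 1024 * 1024
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p, maxmem=maxmem, dklen=key_len)


if __name__ == "__main__":
    password = b"correct horse battery staple"  # constructed sample input
    salt = bytes.fromhex("0011223344556677")    # constructed sample salt

    key, iv = evp_bytes_to_key_md5(password, salt)
    print("MD5 derivation :", key.hex())
    print("  cost per guess:", md5_calls_per_guess(), "MD5 calls, negligible memory")

    n, r = 2**14, 8  # assumed parameters, not taken from the post
    print("scrypt         :", scrypt_key(password, salt, n=n, r=r).hex())
    print("  cost per guess:", scrypt_memory_bytes(n, r) // 2**20, "MiB of RAM")
```

The memory figure is what makes custom brute-force hardware expensive: each parallel guessing unit needs its own copy of that array, whereas the MD5 path needs only a few hundred bytes of state.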