This adds support for the 'scrypt' algorithm to the password hashing
infrastructure. This requires the 'scrypt' PHP extension from PECL to
be available (and specified in php.ini).
The extension only computes the hash of a string given the required
inputs. As a result, we store a 'serialized' hash in the database,
including the parameters used for hashing, and the salt as well.
The default login settings reflect the recommended 'interactive'
scrypt parameters: 16MB of memory per hash computation, which should
be quite safe.
scrypt is currently rated as a 'Great' hasher with a strength
of 4.0 (well above bcrypt, the next best choice).