+1 to using a password scheme that allows for future extensibility and/or change.
As to why storing passwords as a hashed signature (even with a salt), this has been making its rounds through the ruby community recently: http://codahale.com/how-to-safely-store-a-password/ just because a hash signature is a one-way function doesn't mean it's necessarily cryptographic.
