Password rehash

[alexm]

Add a new feature that will rehash passwords with salt using EKS Blowfish when a user changes their password. It maintains backwards compatibility with current password digest and it supports other crypt(3) digests too.

[alexm]

FWIW I already tested Crypt::Eksblowfish::Bcrypt in spectre and it works fine with cost 10. Find the tests in ~alexm/src.

[alexm]

• Has anybody had the chance to take a look at these changes?
• What do you think about them?
• Is there any concern for merging them into production?

[labster]

It's somewhat terrifying to me that this hasn't been merged, or something like it. 2019 is way too late to be using MD5. I mean, I'd have implemented it with Authen::Passphrase, but I guess that has more dependencies.

[eseyman]

If someone fixes the conflicts, I'll agree to review it. Although, like @labster, I'm much more in favour of using Authen-Passphrase than Crypt::Eksblowfish::Bcrypt.