@FrankMcG @DAkacki There are definitely benefits to not allowing users to supply their own passwords (I've worked on govt level stuff that follows the same practice). But it shouldn't overtly affect your approach on the storage end - hashing exists to buy you time, not to fully protect you