Hey, Trent told me about the work you are all doing on the security. I use that Comunity Server - (Forums, Blogs, Galleries and other stuff), and in the forum confs, the admin can set, the password of the users to be hashed or not. It's asp.net, sql and it's free to download, i guess not for comercial use...
http://www.communityserver.org/
Well, that's it, just an idea...
All the best,
Ricardo