yescrypt status (as of May 2014) It is our duty to point out that: (Incompatible) tweaks to yescrypt are expected as we finalize it Proper password hashing goes hand in hand with a corresponding password strength policy, and both should be chosen and tuned with a threat model in mind We're ready to assist with experimental yescrypt deployments We also have a (mature) password policy enforcement tool set, passwdqc libpasswdqc, PAM module, command-line program, PHP wrapper passwdqc for Windows Active Directory in private beta (ask!)