Problem definition

Password hashing on servers dedicated to authentication (or maybe even to password hashing alone), at an organization large enough to go for this approach anyway
Some of the same approaches are also usable/tunable for use on non-dedicated servers - e.g., by operating systems for local users' passwords - but this may be a next step
Need decent throughput (~1000/s per server) and sane latency (< 100 ms)
Want to make best use of the server hardware to slow down offline password cracking (and thus reduce the percentage of passwords getting cracked in real-world attacks) should the password hash database (and a local parameter, if any) leak or be stolen