Thanks for your suggestion. MiniBB has a basic method of password encryption, and you can change it easily, modifying bb_cookie.php, where it is possible to change md5 hashing to whatever algorithm. It is just one line of code to change and everyone is free to improve this with a personal method.
Actually, the most important about our product is not collecting memberships, but anonymous posting. We can make a large discussion on security, since I am not novice on this subject, too, but whatever we need to start from, is that everything
could be broken, hacked or stolen whatever algorithm you use. Then why to take care on it if we could just concentrate on the content itself.
As about this:
But the real problem isn't the forums. If the password is broken and is associated with an email address and reused elsewhere on the internet what then? In practice users like to use the same password for everything. That means they could very likely get access to the email, facebook, online banking, and God knows what else.
Sorry, it is not the question to our development. I am considering it stupid to take care about users who do not care about their own security. We cannot be responsible for them in any term. It is the same like if the car crash happens on the road because of the bad weather conditions or if the driver has passed an important sign; I think the car producing company would laugh if the victim would come to them, and claim their car was guilty, while the car has just 4 wheels and guilty may be only a driving person.