1) added column "salt" to ad_user
2) increased length of ad_user.password to 1024 (see 5)
3) added/changed passwords will automatically be saved in hashed form
4) code will still authenticate plain-text/encrypted passwords
5) if password column is encrypted then stored hashes will be encrypted (redundant but the easiest way to achieve backwards compatibility)
6) Added process "Hash Passwords" to convert all existing user passwords -- backup first!