It's a safe bet that there's going to be an exodus of biblical proportions of users from LET to here. Considering that the LET user database has been compromised, what do we know of the hashing algorithm/salts used on LET? I don't know enough about IPB, but is it possible to create a plugin that checks new users passwords are different to what was used on LET? There's no need to reverse the hashes from LET, just regenerate them when a user signs up and make sure that the hashes don't match. Could save a whole load of hurt in the future. Just a thought.