[mentat]

One of the ways for embedded devices to address this is require a hardware resident key is part of the hashing process (handled in hardware). Otherwise, if someone can get the hashes, you're not going to be able to find cost factors that provide good user experience and are also resistant to off device attacks.

[tptacek]

I think I'm having trouble coming up with the embedded hardware use case that requires real-time validation of lots and lots of different passwords. Because if all you have is a couple of passwords, you have a lot more wiggle room for your hash performance than most Rails apps do.