> One of the features of the winner is that you can offload the expensive computation to a client and still maintain the security you would have if it were done on the server
Yeah, I've heard it called "server relief." Slow password hash is computed on the client, then transmitted to the server and run through a fast hash before being stored.