I implemented password hash salting in Tilemap Town, with the ability to handle the old unsalted passwords and just upgrade them when the user changes their password next.

Sometimes I wonder why I'm bothering with backwards compatibility when there's almost certainly no other instances of the server aside from mine. There's still active code that runs upon database creation for converting the maps and users from a bunch of JSON files to a relational database, even.