Customer passwords are hashed using the scrypt algorithm. scrypt is a password-based key derivation function. The algorithm was specifically designed to make it costly to perform large-scale custom hardware attacks by requiring large amounts of memory.