Even just using {b,s}crypt and a larger salt, even without regenning on every request, would be massively more difficult in terms of memory and CPU to reverse.