Security through obscurity should not used. Just saying. IMO, revealing the method used should not become an issue just like the reason why the more trusted crypto algorithms are publicly posted.

That said, bcrypt and a time/attempt limited lockout should go a good ways in securing your site.