Secure for now, rather. A solid game plan would be to have your code base set up to easily swap in a new hashing method when called for. I believe Django automatically promotes passwords stored with insecure hashes to secure ones the next time a user logs in.

Yeah not really an issue for a cache since you can just invalidate the cache when you change algorithm.