Even opting for bcrypt can be sketchy. Native support only appeared a few years ago, older versions rely on the OS - many of which didn't support blowfish without a patch. Fine if you control the server.
Since most people who face a choice between bcrypt and scrypt will be the ones who are developing new sites or considering a major upgrade to an old site, I don't think they'll care about compatibility with anything older than PHP 5.2. Even if you don't control the server, it's difficult to find a reputable web host nowadays that still runs anything older than PHP 5.2, and your average cPanel host is most likely to support a wide range of crypto functions.
kijin|13 years ago