Or, better yet, just use the system designed to store passwords: bcrypt.
I recently rejected bcrypt because it seemed to have no way of increasing the verification cost on an existing hash, as would be needed a few years down the road. Was I wrong?
Also, articles promoting bcrypt often suggest not using SHA-1 because it runs fast in a GPU/FPGA. Can't bcrypt be made faster in a similar way?