
This move also signals to the community that bcrypt is considered a best practice, important enough that it's included by default.

bcrypt has been considered a best practice for quite a while. It's been OpenBSD's default password hashing scheme since 1997, and used in a number of PHP projects like Drupal, phpBB, and WordPress for many years.



Yup. That hasn't stopped hordes of devs from doing stupid things with passwords. My point is that now, at least for Rails, bcrypt is harder to ignore. And that's a good thing.



