Dual salts would also be good, where one of the salts set in source code. If only the database is compromised, the passwords are safe.