ECDSA/secp256k1 is quantum-resistance as long as it's public key isn't known, which means users should be fine as long as they never re-use their Bitcoin address and Quantum computer isn't fast enough to find out it's private key before the transaction got confirmed/fully propagated to all nodes.
But there are proposal to use cryptographic signature which is quantum resistant, even though AFAIK there's huge trade-off such as far larger signature size and longer verification time.
I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner, "ordinary computers" and network technology will be at the point that a larger signature size wouldn't be a problem either. Or are we still going to be fretting that someone's raspberry pi that they bought in 2009 should still be able to run a full node while only connecting with a 56K modem?