Sorry, I didn't think my last comment needed clarifying any further - I actively use the bcrypt class for password hashing - I said Blowfish originally as I was comparing hashing algorithms.
Most encryption algorithms (including block ciphers) can be used as a hashing algorithm for passwords.
Just encrypt a common known plaintext string and use the password as the encryption key. This is exactly how various hashing schemes like UNIX's crypt() (based on DES) work.
Knowing the plaintext (e.g. a set of NUL bytes) is useless as long as the encryption scheme doesn't have a weakness against known-plaintext attacks [EDIT] that allow you to recover the encryption key somehow.
Yes, and Blowfish (or rather, a variant of it with an expensive key schedule) is used as the main building block of Bcrypt in roughly the way you describe. That doesn't mean that Blowfish is Bcrypt.
I feel like such a pedantic dick for harping on this, but the distinction is worth making.
