Storing Passwords Securely

I did not realize that simply hashing a password with some salt is not good enough anymore. The problem is that SHA and MD5 are too fast! On modern hardware an attacker can brute-force a single password in a few seconds. Instead, folks are recommending bcrypt because it is designed to be slow. Someone kindly wrote a .NET implementation of bcrypt here.

[edit] I was just told that .NET already has an implementation of the same idea (deliberately slow, iterated hashing) in Rfc2898DeriveBytes. The RFC describes the PBKDF2 algorithm, which iterates the hash function 1000 times (the iteration count is a parameter; 1000 is the minimum the RFC recommends and the default that Rfc2898DeriveBytes uses). Bcrypt uses the Blowfish encryption algorithm, whose key setup internally does a lot of iterations. The important point is that both are slow.


