Add bcrypt as a hash algorithm option for hashIdentity

[anthology-zach]

Consider adding bcrypt as a hashing algorithm for the standard:
https://www.imsglobal.org/spec/ob/v3p0/impl

Right now we support MD5 / SHA256. Bcrypt allows for rounds of hashing which increases attack complexity.

Ex.

With bcrypt:

[xaviaracil]

Maybe it's not needed depending on the resolution of #610

[ottonomy]

Yeah, bcrypt is a "better" hashing algorithm in some ways, though this feature is not necessarily designed to be seriously robust against hash calculations. The far more likely attack scenario than brute forcing guessing email addresses is educated guessing of email addresses, and if the problem space is reduced to <firstinitial>.<lastname>@knowninstitution.edu, no hash algorithm is going to make an enormous difference in whether the identity will be possible to unmask.