    Switch to Blowfish-based bcrypt for password hashing · b0e494c6
    Alex Vandiver authored
    A SHA-512 with a 16-character salt, drawn from 64 possible characters,
    yields 2^96 possible salts.  While this makes rainbow tables unrealistic
    given modern hardware (the failure mode of RT 3.8's MD5 hashing), it
    does very little to deter against offline brute force attacks on the
    database.
    
    Specifically, given the complete hashed password and salt from the
    database, a dictionary of weak passwords can be hashed with the stored
    salt to attempt to find matches.  Given that a single round of the
    SHA-512 hash is not designed to be computationally expensive, possible
    passwords may be hashed and checked very quickly.
    
    The bcrypt hashing function is designed to be computationally expensive
    to mitigate these types of attacks.  For instance, on a development
    laptop:
    
                       Rate   bcrypt  sha-512
            bcrypt   3.34/s       --    -100%
            sha-512 36850/s 1102153%       --
    
    That is, bcrypt is four orders of magnitude slower to compute, thus
    notably increasing the computational cost of brute-forcing passwords.
    bcrypt also includes a tuning parameter, the number of "rounds" to run,
    which allows the same algorithm to increase the computational cost
    required as computers continue to grow faster.  We use the standard
    value of 10 here, but allow for higher values to be used later.
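
The following Perl sketch is an added example, not RT's code and not part of this commit. It repeats the rate comparison with `Benchmark::cmpthese` and shows how storing the cost beside each hash lets the rounds value be raised later without invalidating existing hashes. The `COST$SALT$HASH` storage format, the function names and the sample password are assumptions made for the example; it needs `Crypt::Eksblowfish::Bcrypt` from CPAN and a `/dev/urandom` device.

```perl
use strict;
use warnings;
use Benchmark qw(cmpthese);
use Digest::SHA qw(sha512_base64);
use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash en_base64 de_base64);

# Read $n random octets from the kernel CSPRNG (bcrypt takes a 16-octet salt).
sub random_octets {
    my ($n) = @_;
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($fh, my $buf, $n) == $n or die "short read from urandom";
    return $buf;
}

# Hypothetical storage format for this example: COST$SALT$HASH, with salt and
# hash in bcrypt's base64 alphabet (./A-Za-z0-9), which never contains '$'.
sub hash_password {
    my ($password, $cost, $salt) = @_;
    $salt //= random_octets(16);
    my $hash = bcrypt_hash({ key_nul => 1, cost => $cost, salt => $salt }, $password);
    return join '$', sprintf('%02d', $cost), en_base64($salt), en_base64($hash);
}

# Returns (matched, needs_rehash). The cost is read from the stored value, so
# hashes written at an older cost keep verifying after the target is raised.
sub check_password {
    my ($password, $stored, $target_cost) = @_;
    # Reject malformed records and costs outside bcrypt's defined 4..31 range.
    return (0, 0)
        unless $stored =~ /\A(\d\d)\$([^\$]{22})\$/ && $1 >= 4 && $1 <= 31;
    my ($cost, $salt) = ($1 + 0, de_base64($2));
    my $again = hash_password($password, $cost, $salt);
    return (0, 0) unless length $again == length $stored;
    my $diff = 0;   # compare every byte so timing does not reveal the mismatch position
    $diff |= ord(substr($again, $_, 1)) ^ ord(substr($stored, $_, 1))
        for 0 .. length($again) - 1;
    my $ok = $diff == 0 ? 1 : 0;
    return ($ok, ($ok && $cost < $target_cost) ? 1 : 0);
}

my $password = 'correct horse battery staple';      # constructed sample input
my $stored   = hash_password($password, 10);        # written at cost 10
my ($ok, $rehash) = check_password($password, $stored, 12);  # target raised to 12
printf "match=%d needs_rehash=%d\n", $ok, $rehash;

# Each +1 in cost doubles the bcrypt work; salted SHA-512 is a single pass.
my $salt = random_octets(16);
cmpthese(-3, {
    'sha-512'   => sub { sha512_base64(en_base64($salt) . $password) },
    'bcrypt-10' => sub { bcrypt_hash({ key_nul => 1, cost => 10, salt => $salt }, $password) },
    'bcrypt-12' => sub { bcrypt_hash({ key_nul => 1, cost => 12, salt => $salt }, $password) },
});
```

When `needs_rehash` is true, the caller can rehash the just-verified password at the new cost and overwrite the stored value.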