- Incident report
- Resolution: Duplicate
- Trivial
- None
- 2.2.10
- None
I noticed that user passwords are stored in the database using an unsalted md5 hash for the internal authentication.
This is generally accepted as bad practice and broken, as md5 hashes can be cracked in a trivial amount of time.
I propose that Zabbix migrate to a salted sha256 hashing scheme to improve user password security.
It would be trivial to do by simply adding another column that marks what scheme the password is hashed with (defaulting to md5 for existing users), and on login / change of password, switch to a sha256 hash and update the hash column accordingly when md5 is used.
Since 2.2 is LTS, would really like for it to happen in 2.2.
- duplicates
- ZBXNEXT-1898 Strong cryptography for encoding frontend passwords
- Closed
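The migrate-on-login approach proposed in the report, sketched as an added example (not Zabbix code and not part of the original report). The `scheme` field, the dict standing in for a users-table row, the `salt$digest` storage format and the iteration count are assumptions, and PBKDF2-HMAC-SHA256 is swapped in here as the salted SHA-256 scheme, since a single SHA-256 round is still fast to brute-force.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000  # assumed work factor; tune for the target hardware


def md5_hex(password):
    # Legacy scheme described in the report: unsalted MD5, hex-encoded.
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def new_hash(password, salt=None):
    # Target scheme: per-user random salt + PBKDF2-HMAC-SHA256, stored as salt$digest.
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt.hex() + "$" + digest.hex()


def verify(row, password):
    # row is a dict standing in for one users-table record (hypothetical layout).
    if row["scheme"] == "md5":
        candidate = md5_hex(password)
    elif row["scheme"] == "pbkdf2_sha256":
        salt_hex, _, _ = row["passwd"].partition("$")
        candidate = new_hash(password, bytes.fromhex(salt_hex))
    else:
        return False  # unknown scheme marker: fail closed
    # Constant-time comparison of the recomputed and stored values.
    return hmac.compare_digest(candidate, row["passwd"])


def login(row, password):
    # Verify against whatever scheme the row is marked with, then upgrade legacy rows.
    if not verify(row, password):
        return False
    if row["scheme"] == "md5":
        row["passwd"] = new_hash(password)  # plaintext is only available at login
        row["scheme"] = "pbkdf2_sha256"
    return True


def demo():
    # Constructed sample record; the scheme column defaults to md5 for existing users.
    row = {"alias": "alice", "passwd": md5_hex("correct horse"), "scheme": "md5"}
    first = login(row, "correct horse")   # succeeds and rehashes the record
    second = login(row, "correct horse")  # succeeds against the upgraded hash
    wrong = login(row, "wrong guess")     # fails; record is left untouched
    return first, second, wrong, row["scheme"]
```

Accounts that never log in again keep their MD5 hash under this approach, so the `scheme` column also serves as the query for finding rows that still need a forced password reset.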