The plugin is in the violation of the GPL, as described here:
https://nocluez.wordpress.com/2015/04/19/a-word-on-gliden64/
Please send me a copy of the source code, or make it available, per the GPL …
We currently use the default number of rounds (edit: cost factor, see below comments) for bcrypt to hash the codenames - 12. We could easily make brute force attacks more difficult by increasing this …