Quite the simple discussion this one (one would assume):
If I'd hash the email and password, and then hash the hashes, whould this be considered safe enough or would this just be a waste considering you could just salt them both?
What should the salt be, could it be the username-part of the email?