Honestly, I don't see the need for such high strength security on a scouting site. Unless you are including SSNs I doubt any information you are storing cannot be obtained publicly.
It's this kind of cavalier attitude to personal data by organisations big and small that is exposing web users to the unscrupulous. It's fantastic to see that scottyrob is concerned with the security of the data he is storing whether or not others considered it to be important or not.
scottyrob, having a secure login is only the first step. Using a one way hash to store passwords is important, as is only entering form data over an SSL connection.
Even if a user is logged in don't presume that they are "trusted" when entering data or querying the database. That is, presume that anything submitted by a form on your site needs to be cleaned. Php has native functions for this such as addslashes().
In terms of guarding against key loggers etc, encourage your subscribers to ensure that all of their operating system is up to date. Run virus scans regularly, use products such as SpyBot, ewido (now AVG anti-spyware), Spyware blaster. Above ensure that you update your browser and OS regularly.
A very good login script can be found at evolt.org.