I think you could implement verification of the implementation by allowing a user to retrieve their own password hash. Most would have no idea what to do with it, but a few people who know what's what could use that to verify that they're using the algorithm.

This does not detract from the rest of what you said, of course, and I agree that this wouldn't really be useful.