https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016, posted 2016 by peter in development reference security toread
The Problem: You want people to be able to create a unique user account, with a password, which they will use to access your application. How can you safely implement this feature?
Easiest Solution: Use libsodium, which provides a secure password hashing API in most languages. As of version 1.0.8 it uses the scrypt algorithm, but in the next release (1.0.9) it will also offer Argon2, the most recent, carefully-selected algorithm from the Password Hashing Competition. Libsodium offers bindings for most programming languages.