> But if someone asked, and they didn't have a very specialized application, I'd tell them that switching to scrypt from bcrypt, or even PBKDF2, would be a waste of money.
Argon2/scrypt/bcrypt/PBKDF2 are fine. I think PBKDF2 is the worst choice, but is still acceptable.
The real problem is the prevalence of md5($password) e.g. in software like Piwik.
> But if someone asked, and they didn't have a very specialized application, I'd tell them that switching to scrypt from bcrypt, or even PBKDF2, would be a waste of money.
Argon2/scrypt/bcrypt/PBKDF2 are fine. I think PBKDF2 is the worst choice, but is still acceptable.
The real problem is the prevalence of md5($password) e.g. in software like Piwik.