bcrypt or Argon2?


We were so privileged to have the mighty Troy Hunt come along to speak to our students, and he talked about companies moving their hashed passwords from MD5 and SHA-1 towards improved methods such as bcrypt and Argon2.

Hopefully, overall, we have passed the point of using MD5 or SHA-1 for hashing passwords, as these are weak for that purpose. MD5 and SHA-1 are fast, general-purpose hashing methods, so an attacker can try many candidate passwords at a rapid rate. bcrypt and Argon2 deliberately slow the hashing process, so the rate at which guesses can be tested is significantly reduced. So, which should you use?

bcrypt

MD5 and SHA-1 produce a hash signature, but an unsalted hash can be attacked with rainbow tables. bcrypt is a stronger hash generator for passwords and uses a salt so that the same password does not produce the same hash twice. It was designed by Niels Provos and David Mazières, and is based on the Blowfish cipher. It is used as the default password hashing method for BSD and other systems. It uses a 128-bit salt value, which requires 22 Radix-64 characters to store. It also has a configurable iteration count (the cost factor), which slows down any brute-force cracking of the hashed value.
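To make the salt and cost figures above concrete, here is an added example (not code from the post or from ASecuritySite): a standard-library-only Python parser and formatter for the bcrypt string layout `$2b$<cost>$<22-char salt><31-char digest>`, using bcrypt's own Radix-64 alphabet. It shows why 128 bits of salt need exactly 22 characters and how the two-digit cost maps to 2^cost key-setup rounds. The salt and digest values in it are constructed placeholders; the block does not compute a real bcrypt digest.

```python
"""Parse and build bcrypt modular-crypt strings (layout only, no hashing).

Added example, not from the original post. The sample salt and digest
below are constructed to illustrate the format; the digest is NOT a real
bcrypt output for any password.
"""
import os
from dataclasses import dataclass

# bcrypt's Radix-64 alphabet differs from RFC 4648 base64 in character
# order and in its two "extra" symbols, and it uses no '=' padding.
BCRYPT_ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
_DECODE = {c: i for i, c in enumerate(BCRYPT_ALPHABET)}


def bcrypt_b64encode(raw: bytes) -> str:
    """Encode bytes at 6 bits per character; 16 bytes -> 22 characters."""
    bits = int.from_bytes(raw, "big")
    nchars = -(-len(raw) * 8 // 6)            # ceil(bit_count / 6)
    bits <<= nchars * 6 - len(raw) * 8        # left-align into the last character
    return "".join(
        BCRYPT_ALPHABET[(bits >> (6 * (nchars - 1 - i))) & 0x3F] for i in range(nchars)
    )


def bcrypt_b64decode(text: str, nbytes: int) -> bytes:
    """Decode nbytes from a bcrypt Radix-64 string, dropping the unused pad bits."""
    bits = 0
    for ch in text:
        bits = (bits << 6) | _DECODE[ch]      # KeyError on a non-alphabet character
    bits >>= len(text) * 6 - nbytes * 8       # 22 chars = 132 bits; keep the top 128
    return bits.to_bytes(nbytes, "big")


@dataclass
class BcryptHash:
    version: str       # "2a", "2b" or "2y"
    cost: int          # log2 of the number of expensive key-setup rounds
    salt: bytes        # 16 bytes = 128 bits
    digest_b64: str    # 31 characters holding 23 bytes of ciphertext

    @property
    def rounds(self) -> int:
        """Work an attacker must repeat per guess: doubles with each +1 of cost."""
        return 1 << self.cost


def parse_bcrypt(s: str) -> BcryptHash:
    """Split a 60-character bcrypt string into its fields, validating the layout."""
    parts = s.split("$")                      # "$2b$12$..." -> ["", "2b", "12", "..."]
    if len(parts) != 4 or parts[0] != "" or parts[1] not in ("2a", "2b", "2y"):
        raise ValueError("not a bcrypt string")
    if len(parts[2]) != 2 or not parts[2].isdigit():
        raise ValueError("cost must be two decimal digits")
    cost = int(parts[2])
    if not 4 <= cost <= 31:
        raise ValueError("cost out of range 04..31")
    body = parts[3]
    if len(body) != 53:
        raise ValueError("expected 22 salt + 31 digest characters")
    return BcryptHash(parts[1], cost, bcrypt_b64decode(body[:22], 16), body[22:])


def format_bcrypt(version: str, cost: int, salt: bytes, digest_b64: str) -> str:
    """Assemble a bcrypt string; the digest would come from the Blowfish step."""
    if len(salt) != 16:
        raise ValueError("bcrypt salt must be exactly 128 bits")
    return f"${version}${cost:02d}${bcrypt_b64encode(salt)}{digest_b64}"


def new_salt() -> bytes:
    """Fresh 128-bit salt; a new one per stored password defeats rainbow tables."""
    return os.urandom(16)


# Constructed sample values (placeholders, not real bcrypt output).
SAMPLE_SALT = bytes(range(16))
SAMPLE_DIGEST = "0123456789ABCDEFGHIJKLMNOPQRSTU"   # 31 alphabet chars, placeholder
SAMPLE = format_bcrypt("2b", 12, SAMPLE_SALT, SAMPLE_DIGEST)

if __name__ == "__main__":
    h = parse_bcrypt(SAMPLE)
    print(SAMPLE, len(SAMPLE))
    print("version", h.version, "cost", h.cost, "rounds", h.rounds)
    print("salt bits", len(h.salt) * 8, "from", len(bcrypt_b64encode(h.salt)), "chars")
```

Because the salt is stored in the clear next to the digest, an attacker who obtains the database still has to rebuild any precomputed table once per salt, and each of those guesses costs 2^cost rounds; raising the cost by one doubles that work for the attacker and for the legitimate login alike, which is the trade-off a deployment tunes.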


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
