Comment its not obsolete... its overkill (Score 1) 17
The reason why bcrypt is still around is because key stretching does not really solve any fundamental core problem. It was only ever a band aid and never a solution.
For websites and other remote servers, passwords are just inappropriate. Users should always authenticate with public key tech, such as webAuthn for websites or ssh key auth for console. Passwords should not be used for remote services in any circumstance.
The only place passwords should ever be used is for access to to local device, and for local passwords to be secure, it needs to have entropy, and nothing can really change that.
Key stretching is at best a speed bump, while actually adding entropy does effectively make a password resistant to brute force guessing. And the only effective way to get entropy into a password is to have them be machine chosen and not human chosen, and organized mnemonically, not littered with special characters.
We should hope bcrypt is still around, or even weaker solutions like pbkdf2. Because that would mean people are finally starting to understand how passwords work, and their role in security.