bcrypt

In production, bcrypt is refreshingly straightforward. The API is minimal - hashpw() and checkpw() do exactly what you expect with no surprises. The library handles salt generation internally, and the cost factor (rounds) gives you explicit control over hashing time. We've run this at scale and the performance is predictable: each increment in rounds roughly doubles execution time, making capacity planning straightforward.

The biggest operational consideration is that bcrypt is intentionally CPU-intensive, which is the point. At rounds=12 (a reasonable default), expect ~300ms per hash on modest hardware. This blocks the thread, so you need to architect accordingly - either use async executors or accept the blocking behavior. We run hashing operations in thread pools to avoid blocking web workers. Memory usage is negligible and consistent.

Error handling is minimal but adequate - you'll mainly deal with ValueError for invalid salts or data. The library uses C bindings under the hood (via cffi), so installation occasionally hits issues on exotic platforms, but wheels are available for common environments. No connection pooling concerns since it's purely computational. Logging is absent, but the operations are atomic enough that you just wrap calls with your own instrumentation.

The bcrypt library does exactly what it promises with a refreshingly simple API. The core functions—hashpw() and checkpw()—are self-explanatory, and you'll be hashing passwords within minutes. The library handles salt generation automatically, and the work factor adjustment is straightforward. However, the type hints are minimal to nonexistent, which means you're relying heavily on documentation and runtime errors to catch mistakes.

Error handling is reasonable but not great. Pass the wrong types and you'll get C extension errors that aren't always intuitive. The distinction between bytes and strings trips up newcomers regularly—you must encode strings to bytes before hashing, and the library won't guide you through this. Documentation is sparse but adequate for the simple API surface.

In production, it's been utterly reliable. The performance is excellent, and the security track record speaks for itself. IDE autocomplete works for function names but won't help with parameter types or return values. For a security-critical library, I wish it had better type annotations and more helpful error messages for common mistakes.

In production, bcrypt has been remarkably stable and predictable. The API is dead simple - hashpw() and checkpw() do exactly what you need with no surprises. The library properly handles salt generation internally, eliminating a common security footgun. Performance is CPU-bound by design, which means you need to architect around it, but at least it's consistent and measurable.

The work factor (cost parameter) gives you direct control over hashing time, typically 10-12 for production use. Critical gotcha: each hash operation blocks for 250-500ms at cost=12, so you absolutely must run this in thread pools or async executors to avoid blocking your event loop. We run it in a ProcessPoolExecutor for API endpoints to prevent one slow hash from cascading.

Error handling is straightforward - invalid salts raise clear exceptions, and the library doesn't silently fail. One annoyance is the bytes vs string handling; you're constantly encoding/decoding UTF-8. The C bindings mean installation can occasionally fail in restricted environments without build tools, though wheels cover most platforms now. No built-in rate limiting or memory-hard alternatives, so you're on your own for DoS protection.