update the readme to note alternatives but still say bcrypt is good (#151)

* update the readme to note alternatives but still say bcrypt is good

* readme can say cryptography

* fix a nit, let me sleep alex!

1 files changed, 9 insertions, 1 deletions

diff --git a/README.rst b/README.rst
index af63754..22dc18c 100644
--- a/README.rst
+++ b/README.rst
@@ -8,7 +8,7 @@ bcrypt
 .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master
     :target: https://travis-ci.org/pyca/bcrypt
 
-Modern password hashing for your software and your servers
+Good password hashing for your software and your servers
 
 
 Installation
@@ -34,6 +34,11 @@ For Fedora and RHEL-derivatives, the following command will ensure that the requ
 
     $ sudo yum install gcc libffi-devel python-devel
 
+Alternatives
+============
+
+While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_.
+
 Changelog
 =========
 
@@ -177,3 +182,6 @@ Security
 identify a vulnerability, we ask you to contact us privately.
 
 .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/
+.. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt
+.. _`argon2_cffi`: https://argon2-cffi.readthedocs.io
+.. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt