Hash algorithm unsafe

[mishari]

I mentioned this to @taneekpek at Barcamp. I would like to propose that bcrypt is used as a hash algorithm instead of sha256.

[re7eal]

Can you elaborate your concern so that others who are working on the project may know the reason(s) without asking @taneekpet one by one?

[taneekpet]

IIRC, he mentioned that SHA256 is subjected to brute force attack while bcrypt is specially design to prevent this.
As I say at Barcamp, we increase the hash input space by adding salt.
However, thank you for your suggestion.
It should be good idea to look into bcrypt to see if it's more secure than SHA256 and if it's widely-supported by HSM.