The first thing to consider is: do you really need to build your own
authentication system? Facebook, GitHub, Google and others offer mature OAuth
implementations. Third-party service providers like Auth0 securely store
credentials on your behalf. Integrating with an identity provider like Okta or
OneLogin allows your clients to keep control of their identity data.
