Is Argon2 better than bcrypt?
Argon2 is modern ASIC-resistant and GPU-resistant secure key derivation function. It has better password cracking resistance (when configured correctly) than PBKDF2, Bcrypt and Scrypt (for similar configuration parameters for CPU and RAM usage).
I'd recommend you to use Argon2 instead of bcrypt for storing password. It has won the Password Hashing Competition last year and is the recommended way to store passwords. Bcrypt is not bad but it could be used with insecure parameters while Argon2 does not have insecure parameters.
In 2019 I'd recommend not to use PBKDF2 or BCrypt in the future and highly recommend Argon2 (preferrably Argon2id) for newer systems. Scrypt can be a second choice on systems where Argon2 is not available, but keep in mind that it has the same issues with respect to side-channel leakage.
A lot of your research is correct and still applies in 2021, so it is still secure to use BCrypt (which usually generates its own random salt for each password). Good password hashing algorithms are Argon2, SCrypt and BCrypt, they all offer a cost factor which controls the necessary time.
TL;DR; SHA1, SHA256, and SHA512 are all fast hashes and are bad for passwords. SCRYPT and BCRYPT are both a slow hash and are good for passwords. Always use slow hashes, never fast hashes.
It's a modern algorithm that allows you to choose which protection you want to apply, be it resistance to GPU attacks, side-channel attacks, or even both. In July 2015, Argon2 entered and won the Password Hashing Competition - and has remained a top algorithm ever since.
Argon2 is modern ASIC-resistant and GPU-resistant secure key derivation function. It has better password cracking resistance (when configured correctly) than PBKDF2, Bcrypt and Scrypt (for similar configuration parameters for CPU and RAM usage).
The salt is technically not required, but neither is Argon2, so yeah...
Argon2 uses not only the Blake2b function, but also something like a reduced version of Blake2b, the compression function G. You could possibly replace Blake2b by SHA-256, but you can't replace easily the reduced version, because Blake2b uses fewer rounds than SHA-256.
The result of bcrypt achieves core properties of a secure password function as defined by its designers: It's preimage resistant. The salt space is large enough to mitigate precomputation attacks, such as rainbow tables. It has an adaptable cost.
Can bcrypt be cracked?
bcrypt is a very hard to crack hashing type, because of the design of this slow hash type that makes it memory hard and GPU-unfriendly (especially with high cost factors).
Probably the one most commonly used is SHA-256, which the National Institute of Standards and Technology (NIST) recommends using instead of MD5 or SHA-1. The SHA-256 algorithm returns hash value of 256-bits, or 64 hexadecimal digits.
bcrypt is just obsolete – this was to find a successor to it. yescrypt, one of the recommended finalists, is an improved/fixed version of scrypt. "Obsolete" is a very strong word for bcrypt. MD5 is an obsolete hash function and needs to be avoided because it's vulnerable to practical attacks.
Currently, the best choice is probably Argon2. This family of password hashing functions won the Password Hashing Competition in 2015.
SHA-256 is not a secure password hashing algorithm. SHA-512 neither, regardless of how good it has been salted.
You can't decrypt but you can BRUTEFORCE IT...
I.E: iterate a password list and check if one of them match with stored hash.
Currently, the best choice is probably Argon2. This family of password hashing functions won the Password Hashing Competition in 2015.
The salt is technically not required, but neither is Argon2, so yeah...
SHA-512 is generally faster on 64-bit processors, SHA-256 faster on 32-bit processors. (Try the command openssl speed sha256 sha512 on your computer.) SHA-512/256 sits right in between the two functions—the output size and security level of SHA-256 with the performance of SHA-512—but almost no systems use it so far.
Argon2 uses not only the Blake2b function, but also something like a reduced version of Blake2b, the compression function G. You could possibly replace Blake2b by SHA-256, but you can't replace easily the reduced version, because Blake2b uses fewer rounds than SHA-256.
