Do you run a service that stores passwords? Ideally, passwords should be managed by a trustworthy third party (like sign-in with google). If you MUST store passwords, this is how - BCrypt uses tons of scientific research to know what the best way to store passwords is - this is key to the most secure way to store them.
When hackers get access to a hash list, they will use bruit force techniques to crack the hashes back to their original password which can be used for all kinds of purposes. With BCrypt, you can decide how long each hash takes to compute! The longer it takes to compute, the longer it will take to crack them (use salt rounds to change this, but keep in mind the number provided is put in 2^<saltRounds> so increasing it will take longer and longer (make sure your network requests don't time out).
I have a boost on this repl (not that it seems to help) to allow you to test it quickly. Have fun!