My recommended read for the day…
The definitive guide to form-based website authentication
N.B. you may need the day to read it!
This article also nicely explains other factors that should be considered when designing a login system.
I’ve started to switch from SHA512/256 to Argon2 for hashing passwords.
It would be nice for Wappler to include this within the UI. You can vote for it here.
Last piece of advice, consider outsourcing your authentication system. Systems such as Firebase Authentication (Google), Auth0 and Okta exist solely for this purpose. They have some very smart people working full time on this.