You can employ encryption for protecting network traffic, secrets, and ordinary data at rest. Consider the following recommendations stated in the NIST standard for choosing appropriate cipher suites and key management techniques:
For storing passwords, always use a salt. A salt should be unique for every stored password and randomly generated.
For symmetric encryption with passphrases, use a passphrase with appropriate entropy valid for particular cipher key strength and expected bruteforce durability. For example, a valid passphrase for 128 bit cipher (CAST5, AES128) should contain at least 128 bits of entropy.
Whenever possible, use ephemeral keys to maintain forward secrecy. Use DiffieHellman for exchanging keys.
Whenever possible, use Elliptic Curve Cryptography (ECC) as it requires less computational power than RSA or DSA.
To protect sensitive data (encrypting and digitally signing) in a long perspective (2031 year and beyond), use cipher suites and key length with security strength 128 or more (192, 256).
Note
The finitefield cryptography (FFC) and integerfactorization cryptography (IFC) algorithms with higher security strength of 192 and 256 bits are not currently included in the NIST standards for interoperability and efficiency reasons.
Use the algorithms that have security strength of 128 bits that are secure and efficient at the same time. To protect data until 2030, you can use cipher suites and key length with the security strength of 112 bits.
Until 2030 (key strength = 112 bits) 
After 2030 (key strength = 128 bits) 


Hashing and digital signatures 
SHA224, SHA512/224, SHA3224 
SHA256, SHA512/256, SHA3256 
Symmetric 
3TDEA 
AES128 
FFC 
DSA and DiffieHellman(DH) L=2048, N=224 
DSA and DiffieHellman(DH) L=3072, N=256 
IFC 
RSA2048 
RSA3072 
Ellipticcurve (ECC) 
ECDSA with the key size f=224255 
ECDSA with the key size f=256383 
where L  is the size of the public key, N  is the size of the private key.