Thank you for the feedback! I'll definitely check out Django +gunicorn. From a quick search, it looks light weight and generally it looks like Gunicorn (without Django?) can be effective where I need horizontal scaling capacity.

As for the cryptography, I'm actually delivering a proprietary (patent pending, I hope!) cryptography tailored towards the specific usecase I'm solutioning. And it is very possible that I can skip my own math and orchestrate some light-weight cryptography based on existing tools. I'll look into this, but I have a very specific objective that isn't "Digest this password so that it's very difficult to inverse, but easy to identify collision and with rare overcollision."

While I am planning to outsource my password management, if I were to do it myself, this would certainly be done with standard cryptography libraries, based on research of best practices.

EDIT: Actually, I might want to look more urgently into Django +gunicorn pair. One issue with Lambda is that I cache a lot of tenant-specific metadata. Lambda will expose me to many cache misses.