Is SHA-256 + Salt still safe for password storage?

For password storage, salted SHA256 hashes are not recommended. This is because the general purpose SHA256 is designed to be fast. Fast is exactly what you do not want for a password hashing algorithm, because it makes brute force and dictionary attacks far more efficient.

Password storage hashes are designed to require a certain workload and in some instances, a minimum memory requirement. Good password storage scheme are designed to be hard to serialize and/or optimize.

The recommended password storage scheme in 2017 is BCrypt hash, with PBKDF2 as alternative, but slightly less regarded, option.

For a more complete answer, please read the sec.se 'standard answer' on password hashing by Thomas Pornin.