Support for Argon2id added to libsodium. The high-level str_verify() function can verify both 2i and 2id, but the default remains 2i for now
If a password can be brute forced in 1 day, using 4 cores to make it 3.5 days instead doesn’t solve the actual problem.
-
-
Does that mean you'd be open to someone else doing it or you don't think it's worth supporting at all?
-
I’d rather not support it at all. It adds dependencies not available on all systems and makes the API more confusing.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.