principle | javascript | Major
Password Hashing: Prefer argon2 over bcrypt
Tags: argon2, bcrypt, password hash, memory hard, owasp, phc, password competition
Problem
bcrypt is capped at 72 bytes, has a fixed memory cost, and is increasingly vulnerable to GPU-accelerated cracking. Passwords need a memory-hard algorithm.
Solution
Use argon2id via the argon2 npm package. It is the winner of the Password Hashing Competition and is recommended by OWASP for new systems.
Why
argon2id is memory-hard: every guess needs a large block of RAM, which blunts GPU and ASIC parallelism and makes brute-force attacks orders of magnitude slower than against bcrypt.
Gotchas
- argon2 requires native binaries—may need build tools (python3, make, gcc) in Docker images
- Do not implement password comparison manually—always use argon2.verify() to prevent timing attacks
- Tune memory and time cost parameters for your server; OWASP recommends at least 19 MiB memory, 2 iterations for argon2id
- bcrypt silently truncates passwords at 72 bytes—two passphrases that share their first 72 bytes verify as the same password
Code Snippets
Hashing and verifying passwords with argon2id
const argon2 = require('argon2');

// Hash with argon2id; the returned PHC string embeds the salt and the parameters.
async function hashPassword(password) {
  return argon2.hash(password, {
    type: argon2.argon2id,
    memoryCost: 2 ** 16, // 64 MiB, above the OWASP minimum of 19 MiB
    timeCost: 3,
    parallelism: 1
  });
}

// argon2.verify reads the parameters back out of the hash string and
// uses a constant-time comparison internally.
async function verifyPassword(hash, password) {
  return argon2.verify(hash, password);
}

// Usage (wrapped in an async function: top-level await is not available in CommonJS)
(async () => {
  const hash = await hashPassword('user-password');
  const valid = await verifyPassword(hash, 'user-password'); // true
  console.log(valid);
})();
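An added example that is not part of the original page: a dependency-free helper that, after a successful login, inspects the stored hash and reports whether it should be replaced, covering both the legacy bcrypt case and an argon2id hash whose parameters fall below the OWASP minimum from the gotchas. It assumes argon2 hashes are stored as the PHC string argon2.hash() returns and that bcrypt hashes carry the usual `$2a$`/`$2b$`/`$2y$` prefix; recent versions of the argon2 package also expose argon2.needsRehash() for the parameter part of this check.

```javascript
// Added example, not from the original page. Decide on login whether a stored
// password hash should be replaced. Assumes argon2 hashes are PHC strings as
// returned by argon2.hash(), e.g. "$argon2id$v=19$m=65536,t=3,p=1$<salt>$<digest>",
// and that legacy bcrypt hashes carry the usual "$2a$"/"$2b$"/"$2y$" prefix.

// OWASP minimum for argon2id (from the gotcha above): 19 MiB, 2 iterations, p=1.
// argon2 expresses memory in KiB, so 19 MiB is 19 * 1024.
const OWASP_MIN = { m: 19 * 1024, t: 2, p: 1 };

// Parse the parameter fields of an argon2 PHC string; null if it is not one.
function parseArgon2(hash) {
  const m = /^\$(argon2(?:id|i|d))\$v=(\d+)\$m=(\d+),t=(\d+),p=(\d+)\$([^$]+)\$([^$]+)$/.exec(hash);
  if (!m) return null;
  return { type: m[1], version: Number(m[2]), m: Number(m[3]), t: Number(m[4]), p: Number(m[5]) };
}

// bcrypt only looks at the first 72 *bytes* (not characters) of the password,
// so a 40-character passphrase of 2-byte UTF-8 characters is already over the limit.
function exceedsBcryptLimit(password) {
  return Buffer.byteLength(password, 'utf8') > 72;
}

// Returns null when the stored hash is acceptable, otherwise a reason to rehash.
// Call it right after a successful verify, since only then is the plaintext
// available to compute the replacement argon2id hash.
function needsRehash(hash, min = OWASP_MIN) {
  if (/^\$2[aby]\$/.test(hash)) return 'legacy bcrypt hash; migrate to argon2id';
  const params = parseArgon2(hash);
  if (!params) return 'unrecognised hash format';
  if (params.type !== 'argon2id') return `variant ${params.type}; prefer argon2id`;
  if (params.m < min.m || params.t < min.t || params.p < min.p) {
    return `m=${params.m},t=${params.t},p=${params.p} is below the configured minimum`;
  }
  return null;
}

// Usage: a hash with the parameters used in the snippet above (64 MiB, t=3) passes.
// The salt and digest fields here are constructed placeholders, not real argon2 output.
console.log(needsRehash('$argon2id$v=19$m=65536,t=3,p=1$c29tZXNhbHQ$aGFzaA')); // prints null
```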