hashing: Password Hashing


Description

Basic password hashing. Use pw_hash() to hash and pw_check() to compare a possible password with the hashed password.

Usage

pw_hash(pass, variant = "i", iterations = 16, memory = 8, nthreads = 2)

pw_check(hash, pass)

Arguments

pass

The (plaintext) password.

variant

Choice of algorithm; currently the only supported choices are "i" and "d".

iterations

A time cost. Recommended to be at least 10. Can be any integer from 1 to 2^31 - 1.

memory

A memory cost, given in MiB. Recommended to be at least 8. Can be any integer from 1 to 2^21 - 1 (but don't be ridiculous).

nthreads

Number of threads. This affects the speed of hashing, so more is better.

hash

The hashed password; this is the output of pw_hash().

Details

The default options for iterations and memory should be sufficient for most purposes. Before modifying these values, you are encouraged to read the official documentation, which can be found at https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf.

On the other hand, nthreads is safe to change to fit your available resources, and you are encouraged to do so.

This uses the argon2 (i or d variety) hash algorithm. See references for details and implementation source code (also bundled with this package).

Our binding uses a 512-bit salt with data generated from MT.

Value

pw_hash() returns a hash to be used as an input to pw_check().

pw_check() returns TRUE or FALSE, whether or not the plaintext password matches its hash.

References

Biryukov, A., Dinu, D. and Khovratovich, D., 2015. Fast and Tradeoff-Resilient Memory-Hard Functions for Cryptocurrencies and Password Hashing. IACR Cryptology ePrint Archive, 2015, p.430.

Reference implementation https://github.com/P-H-C/phc-winner-argon2

Examples

## Not run: 
library(argon2)

pass <- "myPassw0rd!"
hash <- pw_hash(pass)
hash # store this

pw_check(hash, pass)
pw_check(hash, "password")
pw_check(hash, "1234")

## End(Not run)
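
The following is an added example, not part of the package's own documentation: it times pw_hash() over a small grid of iterations and memory values at or above the recommended minimums, then keeps the most expensive setting that fits a latency budget and confirms it with pw_check(). The budget (budget_sec), the candidate grid and the helper time_hash() are assumptions chosen for illustration.

```r
library(argon2)

# Constructed sample password and a hypothetical per-hash latency budget.
pass <- "myPassw0rd!"
budget_sec <- 0.5

# Candidate costs, all at or above the recommended minimums
# (iterations >= 10, memory >= 8 MiB).
grid <- expand.grid(iterations = c(10, 16, 32), memory = c(8, 32, 64))

# Hypothetical helper: wall-clock seconds for one hash at the given costs.
# nthreads is the knob to adjust to the resources of the machine.
time_hash <- function(iterations, memory, nthreads = 2) {
  unname(system.time(
    pw_hash(pass, variant = "i", iterations = iterations,
            memory = memory, nthreads = nthreads)
  )["elapsed"])
}

grid$elapsed <- mapply(time_hash, grid$iterations, grid$memory)
print(grid)

# Keep the slowest (most expensive) candidate that still fits the budget.
ok <- grid[grid$elapsed <= budget_sec, ]
if (nrow(ok) == 0) {
  stop("no candidate fits the budget; raise budget_sec or nthreads")
}
best <- ok[which.max(ok$elapsed), ]

# Hash with the chosen costs and confirm verification behaves as documented.
hash <- pw_hash(pass, iterations = best$iterations, memory = best$memory)
stopifnot(pw_check(hash, pass))         # correct password matches
stopifnot(!pw_check(hash, "password"))  # wrong password does not
```

Run the timing on the hardware that will perform the hashing, since the elapsed values depend on the machine and on nthreads.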

argon2 documentation built on Oct. 31, 2021, 1:06 a.m.