Argon2
Argon2 Key Derivation Function
The winner of the Password Hashing Competition, designed to be memory-hard and resistant to GPU cracking attacks.
Technical details
Password hashing uses intentionally slow algorithms to resist brute-force attacks. bcrypt (1999) uses Blowfish with a configurable cost factor (2^cost iterations). Argon2 (2015, Password Hashing Competition winner) adds configurable memory requirements, making GPU attacks expensive. The cost factor should be tuned so that hashing takes ~250ms on your hardware. Salts (random per-password data) ensure identical passwords produce different hashes, defeating pre-computed rainbow tables. Never use MD5 or SHA-256 alone for passwords: they are too fast.
Example
```
Password hashing comparison:
bcrypt: $2b$12$salt22chars..hash31chars..
Cost factor 12 → ~250ms per hash
argon2id: $argon2id$v=19$m=65536,t=3,p=4$salt$hash
Memory: 64MB, Iterations: 3, Parallelism: 4
Never use: MD5, SHA-256 alone (too fast → brute-forceable)
```
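The encoded strings above carry their own cost parameters, so a login path can check a stored hash against current policy and re-hash when it falls short. The following is an added example, not code from this page or from any Argon2 library; the function names, the policy table and the sample hashes are constructed for illustration.

```python
import base64
import re

# Policy floor: the parameters shown on this page. p is parsed but not compared
# (assumption: parallelism follows available cores, not strength policy).
POLICY = {"argon2id": {"m": 65536, "t": 3}, "bcrypt": {"cost": 12}}
BCRYPT_RE = re.compile(r"^\$2[aby]\$(\d{2})\$[./A-Za-z0-9]{22}[./A-Za-z0-9]{31}$")


def b64_nopad(s):
    """Decode the unpadded base64 used in Argon2 encoded strings."""
    return base64.b64decode(s + "=" * (-len(s) % 4), validate=True)


def parse_hash(encoded):
    """Return (scheme, params) for an encoded bcrypt or Argon2 hash string."""
    m = BCRYPT_RE.match(encoded)
    if m:
        return "bcrypt", {"cost": int(m.group(1))}
    parts = encoded.split("$")
    # Expected fields: '', scheme, 'v=19', 'm=..,t=..,p=..', salt, hash
    if len(parts) != 6 or parts[0] or parts[1] not in ("argon2id", "argon2i", "argon2d"):
        raise ValueError("unrecognised hash format")
    if not parts[2].startswith("v="):
        raise ValueError("missing version field")
    raw = dict(kv.split("=", 1) for kv in parts[3].split(","))
    if set(raw) != {"m", "t", "p"}:
        raise ValueError("unexpected parameter set")
    params = {k: int(v) for k, v in raw.items()}
    params["v"] = int(parts[2][2:])
    params["salt_len"] = len(b64_nopad(parts[4]))
    params["hash_len"] = len(b64_nopad(parts[5]))
    return parts[1], params


def needs_rehash(encoded, policy=POLICY):
    """True when the stored value is unparseable, off-policy, or below the floor."""
    try:
        scheme, params = parse_hash(encoded)
    except ValueError:  # also covers bad base64 and non-numeric parameters
        return True
    floor = policy.get(scheme)
    return floor is None or any(params[k] < v for k, v in floor.items())


def sample_argon2(m, t, p):
    """Constructed sample string: fixed filler bytes, not a real password hash."""
    salt = base64.b64encode(b"\x01" * 16).decode().rstrip("=")
    tag = base64.b64encode(b"\x02" * 32).decode().rstrip("=")
    return f"$argon2id$v=19$m={m},t={t},p={p}${salt}${tag}"
```

Call `needs_rehash` after a successful password verification, while the plaintext is still available to compute the replacement hash.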