Hey there, folks!
I was wondering here... Is there any reason for PASSWORD_DEFAULT's value not to be PASSWORD_ARGON2ID?
Would that change require an RFC?
Hi
> I was wondering here... Is there any reason for PASSWORD_DEFAULT's value not to be PASSWORD_ARGON2ID?
To the best of my knowledge Argon2 is not available in a "default"
installation of PHP without including any external dependencies.
Also Argon2 for settings that are reasonable for interactive
authentication is worse than BCrypt according to:
https://twitter.com/TerahashCorp/status/1155119064248913920
and
https://twitter.com/TerahashCorp/status/1155129705034653698
Best regards
Tim Düsterhus
Argon2 is opt-in, not opt-out, at compile-time, so then we would have to
agree on it being acceptable for PASSWORD_DEFAULT to have different values
depending on compile-time options, maybe that's completely fine, or maybe it
isn't, idk.
But as Düsterhus points out, Argon2 is inferior to bcrypt anyway, according
to people much smarter than myself.
Oh and Argon2 has been around since 2015 and multiple vulnerabilities have
been discovered, speeding up brute force/dictionary attacks. Can't say the
same for bcrypt.
This is very interesting. It's the first time I see recommendations
pro Bcrypt and against Argon2. Even OWASP recommends Argon2 over
Bcrypt [1].
I am not a cryptography expert so I believe that if there is a
discussion of which one is better PHP shouldn't change things for now,
so that totally answers the question of why the default is still
bcrypt.
Thank you both for replying.
[1] https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html
Vinicius Dias,
Zend Certified Engineer,
iMasters PHP Certified Professional
On Wed, Sep 6, 2023 at 16:25, Hans Henrik Bergan divinity76@gmail.com wrote:
> Argon2 is opt-in, not opt-out, at compile-time, so then we would have to agree on it being acceptable for PASSWORD_DEFAULT to have different values depending on compile-time options, maybe that's completely fine, or maybe it isn't, idk. But as Düsterhus points out, Argon2 is inferior to bcrypt anyway, according to people much smarter than myself.
> Oh and Argon2 has been around since 2015 and multiple vulnerabilities have been discovered, speeding up brute force/dictionary attacks. Can't say the same for bcrypt.
Hi
> This is very interesting. It's the first time I see recommendations
> pro Bcrypt and against Argon2. Even OWASP recommends Argon2 over
> Bcrypt [1].
> I am not a cryptography expert so I believe that if there is a
> discussion of which one is better PHP shouldn't change things for now,
> so that totally answers the question of why the default is still
> bcrypt.
There is some opportunity for change or improvement. As a result of this
thread I've created an "Increasing the default BCrypt cost" RFC. I'd be
happy to see you within that RFC's discussion thread [1].
Best regards
Tim Düsterhus
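An added example, not code from this thread or from PHP itself, that ties together two practical points made above: PASSWORD_ARGON2ID only exists in builds compiled with Argon2 support, so application code cannot assume it, and because PASSWORD_DEFAULT and its bcrypt cost can change between releases (the cost-raising RFC Tim mentions), stored hashes should be checked with password_needs_rehash() on every successful login and upgraded in place. The cost value and the Argon2 parameters below are this example's own assumptions, not recommendations from the thread; the "legacy" hash is constructed in the script so it runs offline.

```php
<?php
declare(strict_types=1);

// Added example. Picks the hashing algorithm explicitly instead of relying
// on PASSWORD_DEFAULT, falling back to bcrypt when the PHP build lacks Argon2.
// The cost of 12 and the Argon2 parameters are assumptions for this example;
// tune them so one hash takes a tolerable time for interactive login on your
// own hardware.
function hashOptions(): array
{
    // PASSWORD_ARGON2ID is only defined when PHP was compiled with Argon2.
    if (defined('PASSWORD_ARGON2ID')) {
        return [
            'algo'    => PASSWORD_ARGON2ID,
            'options' => [
                'memory_cost' => 64 * 1024, // KiB, assumption for the example
                'time_cost'   => 3,
                'threads'     => 1,
            ],
        ];
    }
    // bcrypt is present in every PHP build.
    return ['algo' => PASSWORD_BCRYPT, 'options' => ['cost' => 12]];
}

function hashPassword(string $password): string
{
    $o = hashOptions();
    return password_hash($password, $o['algo'], $o['options']);
}

/**
 * Verify a login. Returns null on a wrong password; otherwise returns the
 * hash that should be stored, which is a freshly computed one whenever the
 * stored hash was produced with a different algorithm or weaker parameters
 * than hashOptions() currently selects. Doing this at login is the only
 * moment the plaintext is available to recompute the hash.
 */
function verifyAndMaybeRehash(string $password, string $storedHash): ?string
{
    if (!password_verify($password, $storedHash)) {
        return null;
    }
    $o = hashOptions();
    if (password_needs_rehash($storedHash, $o['algo'], $o['options'])) {
        return password_hash($password, $o['algo'], $o['options']);
    }
    return $storedHash;
}

// Constructed stored hash: bcrypt at cost 10, the PASSWORD_DEFAULT cost in
// effect at the time of this thread, which the RFC above proposes to raise.
$legacyHash = password_hash('correct horse battery staple', PASSWORD_BCRYPT, ['cost' => 10]);

$info = password_get_info($legacyHash);
printf("stored hash: %s %s\n", $info['algoName'], json_encode($info['options']));

$newHash = verifyAndMaybeRehash('correct horse battery staple', $legacyHash);
$info = password_get_info($newHash);
printf("hash to store after login: %s %s\n", $info['algoName'], json_encode($info['options']));
if ($newHash !== $legacyHash) {
    echo "stored hash was upgraded; write the new value back to the user record\n";
}

var_dump(verifyAndMaybeRehash('wrong password', $legacyHash));
```

On a build without Argon2 the second line reports bcrypt with the higher cost from hashOptions(), and on a build with Argon2 it reports argon2id; in both cases the hash differs from the stored one and must be written back. The final call returns null because the password is wrong, so nothing is rehashed. Note that a future PHP release changing PASSWORD_DEFAULT or its cost would be handled the same way by code that passes PASSWORD_DEFAULT to password_needs_rehash(), which is why that check, rather than the choice of default, is what keeps a user database from silently staying at an old cost.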