Argon2
Argon2 Key Derivation Function
The winner of the Password Hashing Competition, designed to be memory-hard and resistant to GPU cracking attacks.
Chi tiết kỹ thuật
Password argon2 uses intentionally slow algorithms to resist brute-force attacks. bcrypt (1999) uses Blowfish with a configurable cost factor (2^cost iterations). Argon2 (2015, Password Hashing Competition winner) adds configurable memory requirements, making GPU attacks expensive. A cost factor should be tuned so that hashing takes ~250ms on your hardware. Salts (random per-password data) ensure identical passwords produce different hashes, defeating pre-computed rainbow tables. Never use MD5 or SHA-256 alone for passwords — they're too fast.
Ví dụ
```
Password hashing comparison:
bcrypt: $2b$12$salt22chars..hash31chars..
Cost factor 12 → ~250ms per hash
argon2id: $argon2id$v=19$m=65536,t=3,p=4$salt$hash
Memory: 64MB, Iterations: 3, Parallelism: 4
Never use: MD5, SHA-256 alone (too fast → brute-forceable)
```
Công cụ liên quan
P
Password Generator
P
Password Strength Checker
H
Hash Generator
H
HMAC Generator
A
AES Encrypt / Decrypt
R
Random String Generator
C
CSP Header Generator
T
Text Redactor
C
CORS Header Generator
S
SRI Hash Generator
B
Base64 Encoder / Decoder
G
Giải Mã JWT
T
Tạo UUID
T
TOTP Configurator
S
SSL Certificate Decoder
Thuật ngữ liên quan
AES
RSA
SHA-256
SSL/TLS
PGP
Steganography
Checksum
Password Hashing
QR Code
HMAC
TOTP
Key Derivation
Salt
Entropy
Public Key
OWASP Top 10
XSS
CSRF
SQL Injection
Command Injection
Path Traversal
SSRF
HSTS
Certificate Pinning
Zero-Day
CVE
Penetration Testing
Threat Modeling
Defense in Depth
Insecure Deserialization
XXE
SRI
CORS Misconfiguration
Sensitive Data Exposure
2FA
RBAC
PKI
DDoS
WAF
Nonce
E2EE
FIDO2
Clickjacking
Sandbox